Export limit exceeded: 11837 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11837 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62086 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.4 Medium |
| Missing Authorization vulnerability in akazanstev Яндекс Доставка (Boxberry) boxberry allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Яндекс Доставка (Boxberry): from n/a through <= 2.34. | ||||
| CVE-2025-62088 | 2 Extendons, Wordpress | 2 Wordpress & Woocommerce Scraper Plugin, Wordpress | 2026-04-15 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in extendons WordPress & WooCommerce Scraper Plugin, Import Data from Any Site wp_scraper allows Server Side Request Forgery.This issue affects WordPress & WooCommerce Scraper Plugin, Import Data from Any Site: from n/a through <= 1.0.7. | ||||
| CVE-2025-62091 | 2 Vollstart, Wordpress | 2 Serial Codes Generator And Validator With Woocommerce Support, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support serial-codes-generator-and-validator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through <= 2.8.2. | ||||
| CVE-2025-62099 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in approveme Signature Add-On for Gravity Forms gravity-signature-forms-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Signature Add-On for Gravity Forms: from n/a through <= 1.8.6. | ||||
| CVE-2025-62100 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in themerain ThemeRain Core themerain-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeRain Core: from n/a through <= 1.1.9. | ||||
| CVE-2025-62101 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Omid Shamloo Pardakht Delkhah pardakht-delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through <= 3.0.0. | ||||
| CVE-2025-62102 | 2 Apasionados, Wordpress | 2 Dofollow Case By Case, Wordpress | 2026-04-15 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in apasionados DoFollow Case by Case dofollow-case-by-case allows Cross Site Request Forgery.This issue affects DoFollow Case by Case: from n/a through <= 3.5.1. | ||||
| CVE-2025-62106 | 2 Mario Peshev, Wordpress | 2 Wp-crm-system, Wordpress | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through <= 3.4.5. | ||||
| CVE-2025-62107 | 2 Pluginops, Wordpress | 2 Feather Login Page, Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in PluginOps Feather Login Page feather-login-page allows Cross Site Request Forgery.This issue affects Feather Login Page: from n/a through <= 1.1.7. | ||||
| CVE-2025-62108 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in SaifuMak Add Custom Codes add-custom-codes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Add Custom Codes: from n/a through <= 4.80. | ||||
| CVE-2025-62109 | 2 Infinitumform, Wordpress | 2 Geo Controller, Wordpress | 2026-04-15 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through <= 8.9.4. | ||||
| CVE-2025-62119 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ViitorCloud Technologies Pvt Ltd Add Featured Image Custom Link custom-url-to-featured-image allows DOM-Based XSS.This issue affects Add Featured Image Custom Link: from n/a through <= 2.0.0. | ||||
| CVE-2025-58914 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Di Themes Di Themes Demo Site Importer di-themes-demo-site-importer allows Cross Site Request Forgery.This issue affects Di Themes Demo Site Importer: from n/a through <= 1.2. | ||||
| CVE-2025-58916 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Munzir Author: Munzir myshouts-shoutbox allows Reflected XSS.This issue affects Author: Munzir: from n/a through <= 0.9. | ||||
| CVE-2025-62122 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in solwininfotech Trash Duplicate and 301 Redirect trash-duplicate-and-301-redirect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trash Duplicate and 301 Redirect: from n/a through <= 1.9.1. | ||||
| CVE-2025-62125 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anshul Gangrade Custom Background Changer custom-background-changer allows Stored XSS.This issue affects Custom Background Changer: from n/a through <= 3.0. | ||||
| CVE-2025-58955 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in designervily Karzo karzo allows PHP Local File Inclusion.This issue affects Karzo: from n/a through < 2.6. | ||||
| CVE-2025-58961 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kamleshyadav CF7 Auto Responder Addon CF7-autoresponder-addon allows DOM-Based XSS.This issue affects CF7 Auto Responder Addon: from n/a through <= 2.4. | ||||
| CVE-2025-58966 | 2 Basixonline, Wordpress | 2 Nex-forms, Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Basix NEX-Forms LITE nex-forms-lite allows Reflected XSS.This issue affects NEX-Forms LITE: from n/a through < 8.2. | ||||
| CVE-2025-58975 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings advanced-settings allows Cross Site Request Forgery.This issue affects Advanced Settings: from n/a through <= 3.1.1. | ||||