Export limit exceeded: 346222 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346222 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39412 | 1 Averta | 1 Master Slider | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in averta Master Slider master-slider.This issue affects Master Slider: from n/a through <= 3.11.0. | ||||
| CVE-2025-39411 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Indie_Plugins WhatsApp Click to Chat Plugin for WordPress wpt-whatsapp.This issue affects WhatsApp Click to Chat Plugin for WordPress: from n/a through <= 2.2.12. | ||||
| CVE-2025-39410 | 2026-04-23 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon visucom-smart-sections.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through <= 1.7.8. | ||||
| CVE-2025-39409 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pressaholic WordPress Video Robot - The Ultimate Video Importer wp-video-robot.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through <= 1.20.0. | ||||
| CVE-2025-39408 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EverPress BruteGuard – Brute Force Login Protection bruteguard allows Reflected XSS.This issue affects BruteGuard – Brute Force Login Protection: from n/a through <= 0.1.4. | ||||
| CVE-2025-39407 | 1 Caseproof | 1 Memberpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Caseproof, LLC MemberPress memberpress allows Reflected XSS.This issue affects MemberPress: from n/a through < 1.12.0. | ||||
| CVE-2025-39406 | 2026-04-23 | 9.8 Critical | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in mojoomla WPAMS apartment-management allows PHP Local File Inclusion.This issue affects WPAMS: from n/a through <= 44.0. | ||||
| CVE-2025-39405 | 2026-04-23 | 8.8 High | ||
| Incorrect Privilege Assignment vulnerability in mojoomla WPAMS apartment-management allows Privilege Escalation.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). | ||||
| CVE-2025-39404 | 2026-04-23 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Heateor Support Sassy Social Share sassy-social-share allows Phishing.This issue affects Sassy Social Share: from n/a through <= 3.3.73. | ||||
| CVE-2025-39403 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPAMS apartment-management allows SQL Injection.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). | ||||
| CVE-2025-39402 | 2 Mojoomla, Wordpress | 2 Wpams Plugin, Worpress | 2026-04-23 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). | ||||
| CVE-2025-39401 | 2 Mojoomla, Wordpress | 2 Wpams Plugin, Wordpress | 2026-04-23 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). | ||||
| CVE-2025-39400 | 1 Wpeverest | 2 User Registration, User Registration \& Membership | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration user-registration allows Reflected XSS.This issue affects User Registration: from n/a through < 4.2.0. | ||||
| CVE-2025-39399 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashraful Sarkar Naiem License For Envato license-envato allows PHP Local File Inclusion.This issue affects License For Envato: from n/a through <= 1.0.0. | ||||
| CVE-2025-39398 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Themovation Bellevue bellevuex.This issue affects Bellevue: from n/a through <= 4.2.2. | ||||
| CVE-2025-39397 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus@hotmail.com Anything Popup anything-popup allows Reflected XSS.This issue affects Anything Popup: from n/a through <= 7.3. | ||||
| CVE-2025-39396 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through <= 2.3.6. | ||||
| CVE-2025-39395 | 2026-04-23 | 9.3 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPAMS apartment-management allows SQL Injection.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). | ||||
| CVE-2025-39394 | 2026-04-23 | 5.3 Medium | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Solid Plugins AnalyticsWP analyticswp allows Retrieve Embedded Sensitive Data.This issue affects AnalyticsWP: from n/a through <= 2.1.2. | ||||
| CVE-2025-39393 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla Hospital Management System hospital-management allows Reflected XSS.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023). | ||||