Export limit exceeded: 45543 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45543 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-53408 | 2026-04-15 | 5.4 Medium | ||
| AVE System Web Client v2.1.131.13992 was discovered to contain a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2024-53442 | 2026-04-15 | 9.8 Critical | ||
| whapa v1.59 is vulnerable to Command Injection via a crafted filename to the HTML reports component. | ||||
| CVE-2025-46262 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zack Katz Mad Mimi for WordPress mad-mimi allows Stored XSS.This issue affects Mad Mimi for WordPress: from n/a through <= 1.5.1. | ||||
| CVE-2025-25159 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robert_kolatzek WP doodlez wpdoodlez allows Stored XSS.This issue affects WP doodlez: from n/a through <= 1.0.10. | ||||
| CVE-2025-25157 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpchurchteam WP Church Center wp-church-center allows Reflected XSS.This issue affects WP Church Center: from n/a through <= 1.3.3. | ||||
| CVE-2024-53484 | 1 Ever | 1 Traduora | 2026-04-15 | 8.8 High |
| Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard-coded JWT signing key. | ||||
| CVE-2025-46234 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Habibur Rahman Razib Control Listings control-listings allows Reflected XSS.This issue affects Control Listings: from n/a through <= 1.0.4.1. | ||||
| CVE-2025-25144 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in theasys Theasys theasys allows Stored XSS.This issue affects Theasys: from n/a through <= 1.0.1. | ||||
| CVE-2025-25142 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Jake Group WP Less Compiler wp-less-compiler allows Stored XSS.This issue affects WP Less Compiler: from n/a through <= 1.3.0. | ||||
| CVE-2025-25117 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Polonski Smart Countdown FX smart-countdown-fx allows Stored XSS.This issue affects Smart Countdown FX: from n/a through <= 1.5.5. | ||||
| CVE-2025-25108 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shalomworld SW Plus shalom-world-media-gallery allows Reflected XSS.This issue affects SW Plus: from n/a through <= 2.1. | ||||
| CVE-2025-25105 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in coffeestudios Pop Up popup-seo-optimized allows Stored XSS.This issue affects Pop Up: from n/a through <= 0.1. | ||||
| CVE-2025-25099 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in accreteinfosolution Appointment Buddy Widget appointment-buddy-online-appointment-booking-by-accrete allows Cross-Site Scripting (XSS).This issue affects Appointment Buddy Widget: from n/a through <= 1.2. | ||||
| CVE-2025-25098 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zack Katz Links in Captions links-in-captions allows Stored XSS.This issue affects Links in Captions: from n/a through <= 1.2. | ||||
| CVE-2025-25095 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reverbnationdev ReverbNation Widgets reverbnation-widgets allows Stored XSS.This issue affects ReverbNation Widgets: from n/a through <= 2.1. | ||||
| CVE-2025-25094 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amitythemes.com Breaking News Ticker breaking-news-ticker allows Stored XSS.This issue affects Breaking News Ticker: from n/a through <= 2.4.4. | ||||
| CVE-2025-25091 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zackdesign NextGen Cooliris Gallery nextgen-cooliris-gallery allows Stored XSS.This issue affects NextGen Cooliris Gallery: from n/a through <= 0.7. | ||||
| CVE-2025-25096 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in titusbicknell RSS in Page rss-in-page allows Stored XSS.This issue affects RSS in Page: from n/a through <= 2.9.1. | ||||
| CVE-2025-25085 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matt_mcbrien WP SimpleWeather wp-simpleweather allows Stored XSS.This issue affects WP SimpleWeather: from n/a through <= 0.2.5. | ||||
| CVE-2025-25084 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in antrouss UniTimetable unitimetable allows Stored XSS.This issue affects UniTimetable: from n/a through <= 1.1. | ||||