Export limit exceeded: 346260 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346260 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39424 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in simplemaps Simple Maps interactive-maps allows Stored XSS.This issue affects Simple Maps: from n/a through <= 0.98. | ||||
| CVE-2025-39423 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Jenst Add to Header add-to-header allows Stored XSS.This issue affects Add to Header: from n/a through <= 1.0. | ||||
| CVE-2025-39422 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in PResponsive WP Social Bookmarking wp-social-bookmarking allows Stored XSS.This issue affects WP Social Bookmarking: from n/a through <= 3.6. | ||||
| CVE-2025-39421 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Mustafa KUCUK WP Sticky Side Buttons wp-sticky-side-buttons allows Stored XSS.This issue affects WP Sticky Side Buttons: from n/a through <= 2.1. | ||||
| CVE-2025-39420 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ruudkok WP Twitter Button wp-twitter-button allows Stored XSS.This issue affects WP Twitter Button: from n/a through <= 1.4.1. | ||||
| CVE-2025-39419 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in David Miller Revision Diet revision-diet allows Stored XSS.This issue affects Revision Diet: from n/a through <= 1.0.1. | ||||
| CVE-2025-39418 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ajayver RSS Manager rss-manager allows Stored XSS.This issue affects RSS Manager: from n/a through <= 0.06. | ||||
| CVE-2025-39417 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Eslam Mahmoud Redirect wordpress to welcome or landing page redirect-to-welcome-or-landing-page allows Stored XSS.This issue affects Redirect wordpress to welcome or landing page: from n/a through <= 2.0. | ||||
| CVE-2025-39416 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Ichi translit it! translit-it allows Stored XSS.This issue affects translit it!: from n/a through <= 1.6. | ||||
| CVE-2025-39415 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Jayesh Parejiya Social Media Links social-media-links allows Stored XSS.This issue affects Social Media Links: from n/a through <= 1.0.3. | ||||
| CVE-2025-39414 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Mike spam-stopper spam-stopper allows Stored XSS.This issue affects spam-stopper: from n/a through <= 3.1.3. | ||||
| CVE-2025-39413 | 1 Wpgoplugins | 1 Simple Sitemap | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in David Gwyer Simple Sitemap – Create a Responsive HTML Sitemap simple-sitemap.This issue affects Simple Sitemap – Create a Responsive HTML Sitemap: from n/a through <= 3.6.0. | ||||
| CVE-2025-39412 | 1 Averta | 1 Master Slider | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in averta Master Slider master-slider.This issue affects Master Slider: from n/a through <= 3.11.0. | ||||
| CVE-2025-39411 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Indie_Plugins WhatsApp Click to Chat Plugin for WordPress wpt-whatsapp.This issue affects WhatsApp Click to Chat Plugin for WordPress: from n/a through <= 2.2.12. | ||||
| CVE-2025-39410 | 2026-04-23 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon visucom-smart-sections.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through <= 1.7.8. | ||||
| CVE-2025-39409 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pressaholic WordPress Video Robot - The Ultimate Video Importer wp-video-robot.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through <= 1.20.0. | ||||
| CVE-2025-39408 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EverPress BruteGuard – Brute Force Login Protection bruteguard allows Reflected XSS.This issue affects BruteGuard – Brute Force Login Protection: from n/a through <= 0.1.4. | ||||
| CVE-2025-39407 | 1 Caseproof | 1 Memberpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Caseproof, LLC MemberPress memberpress allows Reflected XSS.This issue affects MemberPress: from n/a through < 1.12.0. | ||||
| CVE-2025-39406 | 2026-04-23 | 9.8 Critical | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in mojoomla WPAMS apartment-management allows PHP Local File Inclusion.This issue affects WPAMS: from n/a through <= 44.0. | ||||
| CVE-2025-39405 | 2026-04-23 | 8.8 High | ||
| Incorrect Privilege Assignment vulnerability in mojoomla WPAMS apartment-management allows Privilege Escalation.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). | ||||