Export limit exceeded: 346267 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346267 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346267 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346267 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32560 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mohammad I. Okfie WP-Hijri wp-hijri allows Reflected XSS.This issue affects WP-Hijri: from n/a through <= 1.5.3. | ||||
| CVE-2025-32559 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in REVE Chat REVE Chat revechat allows Stored XSS.This issue affects REVE Chat: from n/a through <= 6.4.4. | ||||
| CVE-2025-32558 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ketanajani Duplicate Title Checker duplicate-title-checker allows Blind SQL Injection.This issue affects Duplicate Title Checker: from n/a through <= 1.2. | ||||
| CVE-2025-32557 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rico Macchi WP Featured Screenshot wp-featured-screenshot allows Reflected XSS.This issue affects WP Featured Screenshot: from n/a through <= 1.3. | ||||
| CVE-2025-32556 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sandor Kovacs Simple Post Meta Manager simple-post-meta-manager allows Reflected XSS.This issue affects Simple Post Meta Manager: from n/a through <= 1.0.9. | ||||
| CVE-2025-32555 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Edamam SEO, Nutrition and Print for Recipes by Edamam seo-nutrition-and-print-for-recipes-by-edamam allows Stored XSS.This issue affects SEO, Nutrition and Print for Recipes by Edamam: from n/a through <= 3.3. | ||||
| CVE-2025-32554 | 2 Raptive, Wordpress | 2 Raptive Ads, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raptive Raptive Ads adthrive-ads allows Reflected XSS.This issue affects Raptive Ads: from n/a through <= 3.7.3. | ||||
| CVE-2025-32553 | 2 Magnigenie, Wordpress | 2 Restropress, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magnigenie RestroPress restropress allows Reflected XSS.This issue affects RestroPress: from n/a through <= 3.2.8.6. | ||||
| CVE-2025-32552 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory MSRP (RRP) Pricing for WooCommerce msrp-for-woocommerce allows Reflected XSS.This issue affects MSRP (RRP) Pricing for WooCommerce: from n/a through <= 1.8.1. | ||||
| CVE-2025-32551 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace connector-civicrm-mcrestface allows Reflected XSS.This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through <= 1.0.8. | ||||
| CVE-2025-32550 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickandPledge Click & Pledge Connect click-pledge-connect allows SQL Injection.This issue affects Click & Pledge Connect: from n/a through <= 2.24080000-WP6.6.1. | ||||
| CVE-2025-32549 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in mojoomla WPGYM gym-management allows PHP Local File Inclusion.This issue affects WPGYM: from n/a through <= 65.0. | ||||
| CVE-2025-32548 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in borisolhor Hamburger Icon Menu Lite hamburger-icon-menu-lite allows Reflected XSS.This issue affects Hamburger Icon Menu Lite: from n/a through <= 1.0. | ||||
| CVE-2025-32547 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in gtlwpdev All push notification for WP all-push-notification allows Blind SQL Injection.This issue affects All push notification for WP: from n/a through <= 1.5.3. | ||||
| CVE-2025-32546 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in gtlwpdev All push notification for WP all-push-notification allows Reflected XSS.This issue affects All push notification for WP: from n/a through <= 1.5.3. | ||||
| CVE-2025-32544 | 1 Woocommerce | 1 Woocommerce | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in The Right Software WooCommerce Loyal Customers woocommerce-loyal-customer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WooCommerce Loyal Customers: from n/a through <= 2.6. | ||||
| CVE-2025-32543 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hivedigital Canonical Attachments canonical-attachments allows Reflected XSS.This issue affects Canonical Attachments: from n/a through <= 1.8. | ||||
| CVE-2025-32542 | 2 Eazyplugins, Wordpress | 2 Eazy Plugin Manager, Wordpress | 2026-04-23 | 8.8 High |
| Missing Authorization vulnerability in EazyPlugins Eazy Plugin Manager plugins-on-steroids allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eazy Plugin Manager: from n/a through <= 4.3.0. | ||||
| CVE-2025-32541 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in infosoftplugin WooCommerce Sales MIS Report woocommerce-mis-report allows Reflected XSS.This issue affects WooCommerce Sales MIS Report: from n/a through <= 4.0.3. | ||||
| CVE-2025-32540 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in feedify Feedify – Web Push Notifications push-notification-by-feedify allows Reflected XSS.This issue affects Feedify – Web Push Notifications: from n/a through <= 2.4.5. | ||||