Export limit exceeded: 346275 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346275 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31730 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DigitalCourt Marketer Addons marketer-addons allows Stored XSS.This issue affects Marketer Addons: from n/a through <= 1.0.1. | ||||
| CVE-2025-31729 | 2026-04-23 | 6.5 Medium | ||
| Missing Authorization vulnerability in jeffikus WooTumblog woo-tumblog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooTumblog: from n/a through <= 2.1.4. | ||||
| CVE-2025-31643 | 2 Dasinfomedia, Wordpress | 2 Wpchurch Church Management System, Wordpress | 2026-04-23 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH church-management allows Privilege Escalation.This issue affects WPCHURCH: from n/a through <= 2.7.0. | ||||
| CVE-2025-31642 | 2 Dasinfomedia, Wordpress | 2 Wpchurch Church Management System, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dasinfomedia WPCHURCH church-management allows Reflected XSS.This issue affects WPCHURCH: from n/a through <= 2.7.0. | ||||
| CVE-2025-31641 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup UberSlider uber-classic allows SQL Injection.This issue affects UberSlider: from n/a through < 2.6. | ||||
| CVE-2025-31640 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Magic Responsive Slider and Carousel WordPress magic-carousel allows SQL Injection.This issue affects Magic Responsive Slider and Carousel WordPress: from n/a through < 1.6. | ||||
| CVE-2025-31639 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare spare allows Cross Site Request Forgery.This issue affects Spare: from n/a through <= 1.7. | ||||
| CVE-2025-31638 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themeton Spare spare allows Reflected XSS.This issue affects Spare: from n/a through <= 1.7. | ||||
| CVE-2025-31637 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup SHOUT lbg-audio8-html5-radio_ads allows SQL Injection.This issue affects SHOUT: from n/a through <= 3.5.3. | ||||
| CVE-2025-31636 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SaurabhSharma WP Post Modules for Elementor wp-post-modules-el allows Reflected XSS.This issue affects WP Post Modules for Elementor: from n/a through <= 2.5.0. | ||||
| CVE-2025-31635 | 2026-04-23 | 7.5 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in LambertGroup CLEVER lbg-audio11-html5-shoutcast_history allows Path Traversal.This issue affects CLEVER: from n/a through <= 2.6.2. | ||||
| CVE-2025-31633 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kiamo kiamo allows PHP Local File Inclusion.This issue affects Kiamo: from n/a through < 1.3.6. | ||||
| CVE-2025-31632 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SpyroPress La Boom laboom allows PHP Local File Inclusion.This issue affects La Boom: from n/a through <= 2.7. | ||||
| CVE-2025-31631 | 2026-04-23 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in AncoraThemes Fish House fish-house allows Object Injection.This issue affects Fish House: from n/a through <= 1.2.7. | ||||
| CVE-2025-31630 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in themeton The Business nrgbusiness allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Business: from n/a through <= 1.6.1. | ||||
| CVE-2025-31629 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacob Allred Infusionsoft Web Form JavaScript infusionsoft-web-form-javascript allows Stored XSS.This issue affects Infusionsoft Web Form JavaScript: from n/a through <= 1.1.1. | ||||
| CVE-2025-31628 | 2 Slicedinvoices, Wordpress | 2 Sliced Invoices, Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in SlicedInvoices Sliced Invoices sliced-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sliced Invoices: from n/a through <= 3.10.0. | ||||
| CVE-2025-31627 | 2026-04-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Stored XSS.This issue affects Media LIbrary Assistant: from n/a through <= 3.24. | ||||
| CVE-2025-31626 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M. Ali Saleem Support Helpdesk Ticket System Lite ticket-help-desk-system-lite allows Reflected XSS.This issue affects Support Helpdesk Ticket System Lite: from n/a through <= 4.5.2. | ||||
| CVE-2025-31625 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ramanparashar Useinfluence useinfluence allows Stored XSS.This issue affects Useinfluence: from n/a through <= 1.0.8. | ||||