Export limit exceeded: 11887 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11887 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22501 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Improve My City Improve My City improve-my-city allows Reflected XSS.This issue affects Improve My City: from n/a through <= 1.6. | ||||
| CVE-2025-22499 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FAKTOR VIER F4 Post Tree f4-tree allows Reflected XSS.This issue affects F4 Post Tree: from n/a through <= 1.1.18. | ||||
| CVE-2025-22498 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N3wNormal LucidLMS lucidlms allows Reflected XSS.This issue affects LucidLMS: from n/a through <= 1.0.5. | ||||
| CVE-2025-22496 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MarMar8x Notif Bell notif-bell allows Stored XSS.This issue affects Notif Bell: from n/a through <= 0.9.8. | ||||
| CVE-2025-22365 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric McNiece EMC2 Alert Boxes emc2-alert-boxes allows Stored XSS.This issue affects EMC2 Alert Boxes: from n/a through <= 1.3. | ||||
| CVE-2025-22362 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Bakovic WPAchievements Free wpachievements-free allows Stored XSS.This issue affects WPAchievements Free: from n/a through <= 1.2.0. | ||||
| CVE-2025-22359 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pjfc SyncFields syncfields allows Reflected XSS.This issue affects SyncFields: from n/a through <= 2.1. | ||||
| CVE-2025-22356 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stencies Stencies stencies allows Reflected XSS.This issue affects Stencies: from n/a through <= 0.58. | ||||
| CVE-2025-22350 | 2 Wordpress, Wpindeed | 2 Wordpress, Ultimate Learning Pro | 2026-04-23 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpIndeed Ultimate Learning Pro indeed-learning-pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through <= 3.9. | ||||
| CVE-2025-22348 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in rtowebsites DynamicTags dynamictags allows Blind SQL Injection.This issue affects DynamicTags: from n/a through <= 1.4.0. | ||||
| CVE-2025-22345 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tsinf TS Comfort DB ts-comfort-database allows Reflected XSS.This issue affects TS Comfort DB: from n/a through <= 2.0.7. | ||||
| CVE-2025-22344 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in timmcdaniels Media Category Library media-category-library allows Reflected XSS.This issue affects Media Category Library: from n/a through <= 2.7. | ||||
| CVE-2025-22343 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in koter84 wpSOL wpsol allows Stored XSS.This issue affects wpSOL: from n/a through <= 1.2.0. | ||||
| CVE-2025-22342 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Jenst WP Simple Sitemap wp-simple-sitemap allows Stored XSS.This issue affects WP Simple Sitemap: from n/a through <= 0.2. | ||||
| CVE-2025-22341 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in parswp Hide Login+ hide-login allows Reflected XSS.This issue affects Hide Login+: from n/a through <= 3.5.1. | ||||
| CVE-2025-22339 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in athemeart Store Commerce store-commerce allows DOM-Based XSS.This issue affects Store Commerce: from n/a through <= 1.2.3. | ||||
| CVE-2025-22338 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lich_wang WP-tagMaker tagmaker allows Reflected XSS.This issue affects WP-tagMaker: from n/a through <= 0.2.2. | ||||
| CVE-2025-22333 | 2 Piotnet, Wordpress | 2 Piotnet Addons For Elementor, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in piotnetdotcom Piotnet Addons For Elementor piotnet-addons-for-elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through <= 2.4.31. | ||||
| CVE-2025-22331 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in P3JX Cf7Save Extension cf7save-extension allows Reflected XSS.This issue affects Cf7Save Extension: from n/a through <= 1. | ||||
| CVE-2025-22327 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Olaf Lederer EO4WP fw-integration-for-emailoctopus allows Stored XSS.This issue affects EO4WP: from n/a through <= 1.0.8.1. | ||||