Export limit exceeded: 11921 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11921 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23837 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in martinjuhasz One Backend Language one-backend-language allows Reflected XSS.This issue affects One Backend Language: from n/a through <= 1.0. | ||||
| CVE-2025-23838 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rally Vincent Bauernregeln bauernregeln allows Reflected XSS.This issue affects Bauernregeln: from n/a through <= 1.0.1. | ||||
| CVE-2025-23839 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asif Shakeel Sticky Button sticky-chat-button allows Stored XSS.This issue affects Sticky Button: from n/a through <= 1.0. | ||||
| CVE-2025-23840 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webjema WP-NOTCAPTCHA wp-notcaptcha allows Reflected XSS.This issue affects WP-NOTCAPTCHA: from n/a through <= 1.3.1. | ||||
| CVE-2025-58688 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Casengo Casengo Live Chat Support the-casengo-chat-widget allows Stored XSS.This issue affects Casengo Live Chat Support: from n/a through <= 2.1.4. | ||||
| CVE-2025-58691 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson Genesis Club Lite genesis-club-lite allows Stored XSS.This issue affects Genesis Club Lite: from n/a through <= 1.17. | ||||
| CVE-2025-58704 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ren Ventura WP Delete User Accounts wp-delete-user-accounts allows Stored XSS.This issue affects WP Delete User Accounts: from n/a through <= 1.2.4. | ||||
| CVE-2025-23919 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Ella Van Durpe Slides & Presentations slide allows Code Injection.This issue affects Slides & Presentations: from n/a through <= 0.0.39. | ||||
| CVE-2025-23920 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sourcing Team ApplicantPro applicantpro allows Reflected XSS.This issue affects ApplicantPro: from n/a through <= 1.3.9. | ||||
| CVE-2025-23956 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard Leishman WP Easy Post Mailer wp-mailer allows Reflected XSS.This issue affects WP Easy Post Mailer: from n/a through <= 0.64. | ||||
| CVE-2025-23957 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in surdotly Sur.ly surly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sur.ly: from n/a through <= 3.0.3. | ||||
| CVE-2025-23960 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in basteln3rk Save & Import Image from URL save-import-image-from-url allows Reflected XSS.This issue affects Save & Import Image from URL: from n/a through <= 0.7. | ||||
| CVE-2025-23988 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno Cavalcante Ghostwriter allows Reflected XSS.This issue affects Ghostwriter: from n/a through 1.4. | ||||
| CVE-2025-23990 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in jablonczay Scroll Styler scroll-styler.This issue affects Scroll Styler: from n/a through <= 1.1. | ||||
| CVE-2025-23992 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toocheke Toocheke Companion toocheke-companion allows Stored XSS.This issue affects Toocheke Companion: from n/a through <= 1.166. | ||||
| CVE-2025-23993 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RiceTheme Felan Framework felan-framework allows SQL Injection.This issue affects Felan Framework: from n/a through <= 1.1.3. | ||||
| CVE-2025-24672 | 2 Codepeople, Wordpress | 2 Form Builder Cp, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in codepeople Form Builder CP cp-easy-form-builder allows SQL Injection.This issue affects Form Builder CP: from n/a through <= 1.2.41. | ||||
| CVE-2025-24676 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in umangmetatagg Custom WP Store Locator custom-store-locator allows Reflected XSS.This issue affects Custom WP Store Locator: from n/a through <= 1.4.7. | ||||
| CVE-2025-24704 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in grimdonkey Magic the Gathering Card Tooltips magic-the-gathering-card-tooltips allows Stored XSS.This issue affects Magic the Gathering Card Tooltips: from n/a through <= 3.4.0. | ||||
| CVE-2025-24706 | 2 Multivendorx, Wordpress | 2 Wc Marketplace, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Stored XSS.This issue affects MultiVendorX: from n/a through <= 4.2.13. | ||||