Export limit exceeded: 12284 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (12284 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54721 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Resca resca allows Reflected XSS.This issue affects Resca: from n/a through <= 3.0.2. | ||||
| CVE-2025-54723 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in BoldThemes DentiCare denticare allows Object Injection.This issue affects DentiCare: from n/a through < 1.4.3. | ||||
| CVE-2025-58619 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in sbouey Falang multilanguage falang allows Object Injection.This issue affects Falang multilanguage: from n/a through <= 1.3.65. | ||||
| CVE-2025-54737 | 2 Nootheme, Wordpress | 2 Jobmonster, Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster noo-jobmonster allows Reflected XSS.This issue affects Jobmonster: from n/a through <= 4.7.8. | ||||
| CVE-2025-54748 | 2 Mapsvg, Wordpress | 2 Mapsvg, Wordpress | 2026-04-15 | 6.5 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through < 8.6.12. | ||||
| CVE-2025-54751 | 2 Wordpress, Wpxpo | 2 Wordpress, Postx | 2026-04-15 | 7.1 High |
| Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 4.1.36. | ||||
| CVE-2025-5483 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 8.1 High |
| The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check in the ghl-wizard/inc/wp_user.php file in versions 1.2.10 to 1.3.0. This makes it possible for unauthenticated attackers to create new user accounts with the administrator role when the PRO functionality is enabled. | ||||
| CVE-2025-54940 | 2 Wordpress, Wpengine | 2 Wordpress, Advanced Custom Fields | 2026-04-15 | N/A |
| An HTML injection vulnerability exists in WordPress plugin "Advanced Custom Fields" prior to 6.4.3. If this vulnerability is exploited, crafted HTML code may be rendered and page display may be tampered. | ||||
| CVE-2025-60168 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in integrationshotelrunner HotelRunner Booking Widget hotelrunner allows Stored XSS.This issue affects HotelRunner Booking Widget: from n/a through <= 1.6. | ||||
| CVE-2025-48106 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in CMSSuperHeroes Clanora clanora allows Using Malicious Files.This issue affects Clanora: from n/a through < 1.3.1. | ||||
| CVE-2025-60176 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tattersoftware WP Tesseract wp-tesseract allows Stored XSS.This issue affects WP Tesseract: from n/a through <= 1.0.2. | ||||
| CVE-2025-48099 | 2 Codeamp, Wordpress | 2 Search & Filter, Wordpress | 2026-04-15 | 4.7 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Code Amp Search & Filter search-filter allows Cross Site Request Forgery.This issue affects Search & Filter: from n/a through <= 1.2.17. | ||||
| CVE-2025-48098 | 2 Ays-pro, Wordpress | 2 Survey Maker, Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through <= 5.1.8.8. | ||||
| CVE-2025-60213 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Whitebox-Studio Scape scape allows Object Injection.This issue affects Scape: from n/a through <= 1.5.13. | ||||
| CVE-2025-48097 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shiva WSAnalytics wsanalytics-google-analytics-and-dashboards allows Reflected XSS.This issue affects WSAnalytics: from n/a through <= 1.1.2. | ||||
| CVE-2025-60182 | 2 Schiocco, Wordpress | 2 Support Board, Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through < 3.8.7. | ||||
| CVE-2025-60183 | 2 Silence, Wordpress | 2 Silencesoft Rss Reader, Wordpress | 2026-04-15 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in silence Silencesoft RSS Reader external-rss-reader allows Stored XSS.This issue affects Silencesoft RSS Reader: from n/a through <= 0.6. | ||||
| CVE-2025-48095 | 2 Ays-pro, Wordpress | 2 Survey Maker, Wordpress | 2026-04-15 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through <= 5.1.8.8. | ||||
| CVE-2025-60187 | 2 Atarim, Wordpress | 2 Atarim, Wordpress | 2026-04-15 | 4.8 Medium |
| Unrestricted Upload of File with Dangerous Type vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Using Malicious Files.This issue affects Atarim: from n/a through <= 4.2.1. | ||||
| CVE-2025-60195 | 2 Atarim, Wordpress | 2 Atarim, Wordpress | 2026-04-15 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Privilege Escalation.This issue affects Atarim: from n/a through <= 4.2.1. | ||||