Export limit exceeded: 10028 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10028 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27276 | 2026-04-23 | 8.8 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in lizeipe Photo Gallery ( Responsive ) photo-gallery-pearlbells allows Privilege Escalation.This issue affects Photo Gallery ( Responsive ): from n/a through <= 4.0. | ||||
| CVE-2025-27274 | 1 Axelkeller | 1 Gpx Viewer | 2026-04-23 | 4.9 Medium |
| Path Traversal: '.../...//' vulnerability in axelkeller GPX Viewer gpx-viewer allows Path Traversal.This issue affects GPX Viewer: from n/a through <= 2.2.11. | ||||
| CVE-2025-27012 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo a1post-bg-shipping-for-woocommerce allows Privilege Escalation.This issue affects A1POST.BG Shipping for Woo: from n/a through <= 1.5. | ||||
| CVE-2025-27010 | 2026-04-23 | 8.1 High | ||
| Path Traversal: '.../...//' vulnerability in bslthemes Tastyc tastyc allows PHP Local File Inclusion.This issue affects Tastyc: from n/a through < 2.5.2. | ||||
| CVE-2025-27009 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Stored XSS.This issue affects My auctions allegro: from n/a through <= 3.6.33. | ||||
| CVE-2025-27003 | 2 Fullworksplugins, Wordpress | 2 Quick Paypal Payments, Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in fullworks Quick Paypal Payments quick-paypal-payments allows Cross Site Request Forgery.This issue affects Quick Paypal Payments: from n/a through <= 5.7.46. | ||||
| CVE-2025-26963 | 1 Flowdee | 1 Clickwhale | 2026-04-23 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ClickWhale ClickWhale clickwhale allows Cross Site Request Forgery.This issue affects ClickWhale: from n/a through <= 2.4.3. | ||||
| CVE-2025-26935 | 1 Wpjobportal | 1 Wp Job Portal | 2026-04-23 | 7.5 High |
| Path Traversal: '.../...//' vulnerability in wpjobportal WP Job Portal wp-job-portal allows PHP Local File Inclusion.This issue affects WP Job Portal: from n/a through <= 2.2.8. | ||||
| CVE-2025-26931 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Tribulant Gallery Voting gallery-voting allows Stored XSS.This issue affects Tribulant Gallery Voting: from n/a through <= 1.2.1. | ||||
| CVE-2025-26926 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through <= 4.0.9. | ||||
| CVE-2025-26910 | 1 Iqonic | 1 Wpbookit | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design WPBookit wpbookit allows Stored XSS.This issue affects WPBookit: from n/a through <= 1.0.1. | ||||
| CVE-2025-26903 | 2026-04-23 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in RealMag777 InPost Gallery inpost-gallery allows Cross Site Request Forgery.This issue affects InPost Gallery: from n/a through <= 2.1.4.3. | ||||
| CVE-2025-26899 | 2026-04-23 | 6.5 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Recapture Cart Recovery and Email Marketing Recapture for WooCommerce recapture-for-woocommerce allows Cross Site Request Forgery.This issue affects Recapture for WooCommerce: from n/a through <= 1.0.43. | ||||
| CVE-2025-26876 | 1 Codemanas | 1 Search With Typesense | 2026-04-23 | 6.8 Medium |
| Path Traversal: '.../...//' vulnerability in CodeManas Search with Typesense search-with-typesense allows Path Traversal.This issue affects Search with Typesense: from n/a through <= 2.0.8. | ||||
| CVE-2025-26768 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in what3words what3words Address Field 3-word-address-validation-field allows Stored XSS.This issue affects what3words Address Field: from n/a through <= 4.0.15. | ||||
| CVE-2025-26759 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in alexvtn Content Snippet Manager content-snippet-manager allows Stored XSS.This issue affects Content Snippet Manager: from n/a through <= 1.1.5. | ||||
| CVE-2025-26748 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in looswebstudio Arkhe arkhe allows PHP Local File Inclusion.This issue affects Arkhe: from n/a through <= 3.12.0. | ||||
| CVE-2025-26593 | 2026-04-23 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in FasterThemes FastBook fastbook-responsive-appointment-booking-and-scheduling-system allows Cross Site Request Forgery.This issue affects FastBook: from n/a through <= 1.1. | ||||
| CVE-2025-26582 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Blackbam TinyMCE Advanced qTranslate fix editor problems tinymce-advanced-qtranslate-fix-editor-problems allows Stored XSS.This issue affects TinyMCE Advanced qTranslate fix editor problems: from n/a through <= 1.0.0. | ||||
| CVE-2025-26580 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Complete SEO Page/Post Specific Social Share Buttons pagepost-specific-social-share-buttons allows Stored XSS.This issue affects Page/Post Specific Social Share Buttons: from n/a through <= 2.1. | ||||