Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (44721 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-23591 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in blulogistics1 blu Logistics blu-logistics allows Reflected XSS.This issue affects blu Logistics: from n/a through <= 1.0.0.
CVE-2025-23590 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dezdy.com Dezdy dezdy-mcommerce allows Reflected XSS.This issue affects Dezdy: from n/a through <= 1.0.
CVE-2025-23589 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in markugwuanyi ContentOptin Lite contentoptin allows Reflected XSS.This issue affects ContentOptin Lite: from n/a through <= 1.1.
CVE-2025-23588 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in baonguyenyam WOW Best CSS Compiler best-css-compiler allows Reflected XSS.This issue affects WOW Best CSS Compiler: from n/a through <= 2.0.2.
CVE-2025-23587 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashek Al Mahmud all-in-one-box-login all-in-one-login allows Reflected XSS.This issue affects all-in-one-box-login: from n/a through <= 2.0.1.
CVE-2025-23586 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MAL73049 WP Post Category Notifications wp-post-category-notifications allows Reflected XSS.This issue affects WP Post Category Notifications: from n/a through <= 1.0.
CVE-2025-23585 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CantonBolo Goo.gl Url Shorter googl-url-shorter allows Reflected XSS.This issue affects Goo.gl Url Shorter: from n/a through <= 1.0.1.
CVE-2025-23584 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arsh91 Pin Locations on Map pin-locations-on-map allows Reflected XSS.This issue affects Pin Locations on Map: from n/a through <= 1.0.
CVE-2025-23583 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Explara Explara Membership explara-membership allows Reflected XSS.This issue affects Explara Membership: from n/a through <= 0.0.7.
CVE-2025-23582 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Haider Ali Bulk Categories Assign bulk-categories-assign allows Reflected XSS.This issue affects Bulk Categories Assign: from n/a through <= 1.0.
CVE-2025-23581 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitalzoomstudio Demo User DZS demo-user-dzs-showcase-your-admin-safely allows Stored XSS.This issue affects Demo User DZS: from n/a through <= 1.1.0.
CVE-2025-23580 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matthew BizLibrary bizlibrary allows Reflected XSS.This issue affects BizLibrary: from n/a through <= 1.1.
CVE-2025-23579 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitalzoomstudio DZS Ajaxer Lite dzs-ajaxer-lite-dynamic-page-load allows Stored XSS.This issue affects DZS Ajaxer Lite: from n/a through <= 1.04.
CVE-2025-23578 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Custom CSS Addons css-addons allows Reflected XSS.This issue affects Custom CSS Addons: from n/a through <= 1.9.1.
CVE-2025-23576 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cfuze WP Intro.JS wp-intro-js-tours allows Reflected XSS.This issue affects WP Intro.JS: from n/a through <= 1.1.
CVE-2025-23575 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: from n/a through <= 1.1.
CVE-2025-23574 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonathan Lau CubePM cubepm allows Reflected XSS.This issue affects CubePM: from n/a through <= 1.0.
CVE-2025-23571 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in makong Internal Links Generator internal-links-generator allows Reflected XSS.This issue affects Internal Links Generator: from n/a through <= 3.51.
CVE-2025-23570 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mitchell Bundy WP Social Links wp-social-links allows Reflected XSS.This issue affects WP Social Links: from n/a through <= 0.3.1.
CVE-2025-23568 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fredsted WP Login Attempt Log wp-login-attempt-log allows Reflected XSS.This issue affects WP Login Attempt Log: from n/a through <= 1.3.