Export limit exceeded: 346367 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346367 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23997 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tamara Solution Tamara Checkout tamara-checkout allows Stored XSS.This issue affects Tamara Checkout: from n/a through < 1.9.9.1. | ||||
| CVE-2025-23996 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in AnyRoad AnyRoad anyguide allows Cross Site Request Forgery.This issue affects AnyRoad: from n/a through <= 1.3.2. | ||||
| CVE-2025-23995 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ta2g Tantyyellow tantyyellow allows Reflected XSS.This issue affects Tantyyellow: from n/a through <= 1.0.0.5. | ||||
| CVE-2025-23994 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Estatebud Estatebud – Properties & Listings estatebud-properties-listings allows Stored XSS.This issue affects Estatebud – Properties & Listings: from n/a through <= 5.5.0. | ||||
| CVE-2025-23993 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RiceTheme Felan Framework felan-framework allows SQL Injection.This issue affects Felan Framework: from n/a through <= 1.1.3. | ||||
| CVE-2025-23992 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toocheke Toocheke Companion toocheke-companion allows Stored XSS.This issue affects Toocheke Companion: from n/a through <= 1.166. | ||||
| CVE-2025-23991 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in Dotstore Product Size Charts Plugin for WooCommerce woo-advanced-product-size-chart.This issue affects Product Size Charts Plugin for WooCommerce: from n/a through <= 2.4.5. | ||||
| CVE-2025-23990 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in jablonczay Scroll Styler scroll-styler.This issue affects Scroll Styler: from n/a through <= 1.1. | ||||
| CVE-2025-23989 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Internal Link Builder internal-link-builder allows Cross Site Request Forgery.This issue affects Internal Link Builder: from n/a through <= 1.0. | ||||
| CVE-2025-23988 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno Cavalcante ghostwriter ghostwriter allows Reflected XSS.This issue affects ghostwriter: from n/a through <= 1.4. | ||||
| CVE-2025-23987 | 2 Codegearthemes, Wordpress | 2 Designer, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codegearthemes Designer designer allows DOM-Based XSS.This issue affects Designer: from n/a through <= 1.6.4. | ||||
| CVE-2025-23986 | 2 Fyrewurks, Wordpress | 2 Tiki Time, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyrewurks Tiki Time tiki-time allows Reflected XSS.This issue affects Tiki Time: from n/a through <= 1.3. | ||||
| CVE-2025-23985 | 2026-04-23 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in brainvireinfo Dynamic URL SEO dynamic-url-seo allows Cross Site Request Forgery.This issue affects Dynamic URL SEO: from n/a through <= 1.0. | ||||
| CVE-2025-23984 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brainvireinfo Dynamic URL SEO dynamic-url-seo allows Reflected XSS.This issue affects Dynamic URL SEO: from n/a through <= 1.0. | ||||
| CVE-2025-23983 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tijaji Tijaji tijaji allows Reflected XSS.This issue affects Tijaji: from n/a through <= 1.43. | ||||
| CVE-2025-23982 | 2026-04-23 | 7.1 High | ||
| Missing Authorization vulnerability in Gopi krishnan Fare Calculator fare-calculator allows Stored XSS.This issue affects Fare Calculator: from n/a through <= 1.1. | ||||
| CVE-2025-23981 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takimi Themes CarZine carzine allows Reflected XSS.This issue affects CarZine: from n/a through <= 1.4.6. | ||||
| CVE-2025-23980 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in James Andrews Full Circle full-circle allows Stored XSS.This issue affects Full Circle: from n/a through <= 0.5.7.8. | ||||
| CVE-2025-23979 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in duwasai Flashy flashy allows Reflected XSS.This issue affects Flashy: from n/a through <= 1.2.1. | ||||
| CVE-2025-23978 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Ninos FlashCounter flashcounter allows Stored XSS.This issue affects FlashCounter: from n/a through <= 1.1.8. | ||||