Export limit exceeded: 341807 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341807 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57998 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hamid Reza Yazdani E-namad & Shamed Logo Manager e-namad-shamed-logo-manager allows Stored XSS.This issue affects E-namad & Shamed Logo Manager: from n/a through <= 2.2. | ||||
| CVE-2025-57997 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Trustpilot Trustpilot Reviews trustpilot-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trustpilot Reviews: from n/a through <= 2.5.925. | ||||
| CVE-2025-57996 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matthewordie Buckets buckets allows Stored XSS.This issue affects Buckets: from n/a through <= 0.3.9. | ||||
| CVE-2025-57995 | 2 Detheme, Wordpress | 2 Dethemekit For Elementor, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Detheme DethemeKit For Elementor dethemekit-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DethemeKit For Elementor: from n/a through <= 2.1.10. | ||||
| CVE-2025-57994 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Authorization Bypass Through User-Controlled Key vulnerability in Sayful Islam Upcoming Events Lists upcoming-events-lists allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Upcoming Events Lists: from n/a through <= 1.4.0. | ||||
| CVE-2025-57993 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Pick Geolocation IP Detection geoip-detect allows Stored XSS.This issue affects Geolocation IP Detection: from n/a through <= 5.5.0. | ||||
| CVE-2025-57992 | 2 Interserver, Wordpress | 2 Mail Baby Smtp, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in InterServer Mail Baby SMTP mail-baby-smtp allows Cross Site Request Forgery.This issue affects Mail Baby SMTP: from n/a through <= 2.8. | ||||
| CVE-2025-57991 | 2 Clariti, Wordpress | 2 Clariti, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Clariti Clariti clariti allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clariti: from n/a through <= 1.2.1. | ||||
| CVE-2025-57990 | 2 Solwininfotech, Wordpress | 2 Blog Designer, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in solwininfotech Blog Designer blog-designer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Blog Designer: from n/a through <= 3.1.8. | ||||
| CVE-2025-57989 | 2 Brajesh Singh, Wordpress | 2 Wordpress Widgets Shortcode, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brajesh Singh WordPress Widgets Shortcode wp-widgets-shortcode allows Stored XSS.This issue affects WordPress Widgets Shortcode: from n/a through <= 1.0.3. | ||||
| CVE-2025-57988 | 2 Uncannyowl, Wordpress | 2 Uncanny Toolkit For Learndash, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash uncanny-learndash-toolkit allows Stored XSS.This issue affects Uncanny Toolkit for LearnDash: from n/a through <= 3.7.0.3. | ||||
| CVE-2025-57987 | 2 Thimpress, Wordpress | 2 Wp Events Manager, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in ThimPress WP Events Manager wp-events-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Events Manager: from n/a through <= 2.2.1. | ||||
| CVE-2025-57986 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in husani WP Subtitle wp-subtitle allows Stored XSS.This issue affects WP Subtitle: from n/a through <= 3.4.1. | ||||
| CVE-2025-57985 | 2 Mantrabrain, Wordpress | 2 Ultimate Watermark, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in MantraBrain Ultimate Watermark ultimate-watermark allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Watermark: from n/a through <= 1.1. | ||||
| CVE-2025-57984 | 2 Makestories, Wordpress | 2 Makestories (for Google Web Stories), Wordpress | 2026-04-01 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in Pratik Ghela MakeStories (for Google Web Stories) makestories-helper allows Server Side Request Forgery.This issue affects MakeStories (for Google Web Stories): from n/a through <= 3.0.4. | ||||
| CVE-2025-57983 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Damian BP Disable Activation Reloaded bp-disable-activation-reloaded allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BP Disable Activation Reloaded: from n/a through <= 1.2.1. | ||||
| CVE-2025-57982 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBean Advance Portfolio Grid advance-portfolio-grid allows Stored XSS.This issue affects Advance Portfolio Grid: from n/a through <= 1.07.6. | ||||
| CVE-2025-57981 | 2 Catchsquare, Wordpress | 2 Wp Social Widget, Wordpress | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.3.1. | ||||
| CVE-2025-57980 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas Cordero Safety Exit safety-exit allows Stored XSS.This issue affects Safety Exit: from n/a through <= 1.8.0. | ||||
| CVE-2025-57979 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson AuthorSure authorsure allows Stored XSS.This issue affects AuthorSure: from n/a through <= 2.3. | ||||