Export limit exceeded: 341885 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341885 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53264 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Konrád Koller ONet Regenerate Thumbnails onet-regenerate-thumbnails allows Cross Site Request Forgery.This issue affects ONet Regenerate Thumbnails: from n/a through <= 1.5. | ||||
| CVE-2025-53263 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in PluginsCafe Address Autocomplete via Google for Gravity Forms gf-google-address-autocomplete allows Cross Site Request Forgery.This issue affects Address Autocomplete via Google for Gravity Forms: from n/a through <= 1.3.4. | ||||
| CVE-2025-53262 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Writesonic Writesonic writesonic allows Cross Site Request Forgery.This issue affects Writesonic: from n/a through <= 1.0.5. | ||||
| CVE-2025-53261 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in macbookandrew WP YouTube Live wp-youtube-live allows Cross Site Request Forgery.This issue affects WP YouTube Live: from n/a through <= 1.10.0. | ||||
| CVE-2025-53260 | 2026-04-01 | N/A | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in getredhawkstudio File Manager Plugin For Wordpress file-manager-plugin-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects File Manager Plugin For Wordpress: from n/a through <= 7.5. | ||||
| CVE-2025-53259 | 2 Nicdark, Wordpress | 2 Hotel Booking, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nicdark Hotel Booking nd-booking allows PHP Local File Inclusion.This issue affects Hotel Booking: from n/a through <= 3.7. | ||||
| CVE-2025-53258 | 2 Wordpress, Wow-company | 2 Wordpress, Hover Effects | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wow-Company Hover Effects hover-effects allows SQL Injection.This issue affects Hover Effects: from n/a through <= 2.1.2. | ||||
| CVE-2025-53257 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Serhii Pasyuk Gmedia Photo Gallery grand-media allows PHP Local File Inclusion.This issue affects Gmedia Photo Gallery: from n/a through <= 1.23.0. | ||||
| CVE-2025-53256 | 1 Yaycommerce | 1 Yaysmtp | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YaySMTP yaysmtp allows SQL Injection.This issue affects YaySMTP: from n/a through <= 2.6.6. | ||||
| CVE-2025-53255 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Nabil Lemsieh HurryTimer hurrytimer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HurryTimer: from n/a through <= 2.13.1. | ||||
| CVE-2025-53254 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Cyrlitera cyrlitera allows Cross Site Request Forgery.This issue affects Cyrlitera: from n/a through <= 1.3.0. | ||||
| CVE-2025-53253 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh WP Edit wp-edit allows Stored XSS.This issue affects WP Edit: from n/a through <= 4.0.4. | ||||
| CVE-2025-53251 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP pin-wp allows Upload a Web Shell to a Web Server.This issue affects Pin WP: from n/a through < 7.2. | ||||
| CVE-2025-53250 | 2026-04-01 | N/A | ||
| Server-Side Request Forgery (SSRF) vulnerability in Chartbeat Chartbeat chartbeat allows Server Side Request Forgery.This issue affects Chartbeat: from n/a through <= 2.0.7. | ||||
| CVE-2025-53249 | 2 Hakeemnala, Wordpress | 2 Build App Online, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online build-app-online allows Cross Site Request Forgery.This issue affects Build App Online: from n/a through <= 1.0.23. | ||||
| CVE-2025-53248 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magazine eximious-magazine allows PHP Local File Inclusion.This issue affects Magazine: from n/a through <= 1.2.2. | ||||
| CVE-2025-53247 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpinterface BlogMarks blogmarks allows PHP Local File Inclusion.This issue affects BlogMarks: from n/a through <= 1.0.8. | ||||
| CVE-2025-53244 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magazine Elite magazine-elite allows PHP Local File Inclusion.This issue affects Magazine Elite: from n/a through <= 1.2.4. | ||||
| CVE-2025-53243 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in emarket-design Employee Directory – Staff Listing & Team Directory Plugin for WordPress employee-directory allows Object Injection.This issue affects Employee Directory – Staff Listing & Team Directory Plugin for WordPress: from n/a through <= 4.5.5. | ||||
| CVE-2025-53241 | 2 Kodeshpa, Wordpress | 2 Simplified Plugin, Wordpress | 2026-04-01 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in kodeshpa Simplified simplified allows Server Side Request Forgery.This issue affects Simplified: from n/a through <= 1.0.11. | ||||