Export limit exceeded: 341810 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341810 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341810 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341810 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-49276 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogmine blogmine allows PHP Local File Inclusion.This issue affects Blogmine: from n/a through <= 1.1.7. | ||||
| CVE-2025-49275 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogbyte blogbyte allows PHP Local File Inclusion.This issue affects Blogbyte: from n/a through <= 1.1.1. | ||||
| CVE-2025-49274 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awordpresslife Neom Blog neom-blog allows Reflected XSS.This issue affects Neom Blog: from n/a through <= 0.0.9. | ||||
| CVE-2025-49273 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in sminozzi WP Tools wptools allows Cross Site Request Forgery.This issue affects WP Tools: from n/a through <= 5.24. | ||||
| CVE-2025-49272 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through <= 5.20.0. | ||||
| CVE-2025-49271 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GravityWP GravityWP - Merge Tags gravitywp-merge-tags allows PHP Local File Inclusion.This issue affects GravityWP - Merge Tags: from n/a through <= 1.4.4. | ||||
| CVE-2025-49270 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP-CRM System: from n/a through <= 3.4.2. | ||||
| CVE-2025-49269 | 1 Anton Vanyukov | 1 Market Exporter | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Anton Vanyukov Market Exporter market-exporter allows Cross Site Request Forgery.This issue affects Market Exporter: from n/a through <= 2.0.22. | ||||
| CVE-2025-49268 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Soft8Soft LLC Verge3D verge3d allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Verge3D: from n/a through <= 4.9.4. | ||||
| CVE-2025-49267 | 2 Dynamiapps, Wordpress | 2 Frontend Admin, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps acf-frontend-form-element allows Blind SQL Injection.This issue affects Frontend Admin by DynamiApps: from n/a through <= 3.28.3. | ||||
| CVE-2025-49266 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rustaurius Ultimate Reviews ultimate-reviews allows Reflected XSS.This issue affects Ultimate Reviews: from n/a through <= 3.2.14. | ||||
| CVE-2025-49265 | 1 Wpswings | 1 Membership For Woocommerce | 2026-04-01 | N/A |
| Missing Authorization vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Membership For WooCommerce: from n/a through <= 2.8.1. | ||||
| CVE-2025-49264 | 1 Wordpress | 2 Cloud Saml Sso, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login cloud-sso-single-sign-on allows PHP Local File Inclusion.This issue affects Cloud SAML SSO - Single Sign On Login: from n/a through <= 1.0.18. | ||||
| CVE-2025-49263 | 1 Wcvendors | 1 Wc Vendors Marketplace | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WCVendors WC Vendors Marketplace wc-vendors allows Blind SQL Injection.This issue affects WC Vendors Marketplace: from n/a through <= 2.5.6. | ||||
| CVE-2025-49262 | 1 Sinaextra | 1 Sina Extension For Elementor | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shaonsina Sina Extension for Elementor sina-extension-for-elementor allows Stored XSS.This issue affects Sina Extension for Elementor: from n/a through <= 3.6.1. | ||||
| CVE-2025-49261 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Diza diza allows PHP Local File Inclusion.This issue affects Diza: from n/a through <= 1.3.8. | ||||
| CVE-2025-49260 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through <= 1.3.9. | ||||
| CVE-2025-49259 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through <= 1.2.10. | ||||
| CVE-2025-49258 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Maia maia allows PHP Local File Inclusion.This issue affects Maia: from n/a through <= 1.1.15. | ||||
| CVE-2025-49257 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through <= 1.3.8. | ||||