Export limit exceeded: 341810 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341810 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-48079 | 1 Metagauss | 1 Profilegrid | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfileGrid : from n/a through <= 5.9.5.1. | ||||
| CVE-2025-47696 | 2 Solwin, Wordpress | 2 Blog Designer Pro, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7. | ||||
| CVE-2025-47695 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7. | ||||
| CVE-2025-47694 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7. | ||||
| CVE-2025-47693 | 1 Roninwp | 1 Fat Services Booking | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Services Booking fat-services-booking allows PHP Local File Inclusion.This issue affects FAT Services Booking: from n/a through <= 5.5. | ||||
| CVE-2025-47692 | 1 Contentstudio | 1 Contentstudio | 2026-04-01 | N/A |
| Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contentstudio: from n/a through <= 1.3.5. | ||||
| CVE-2025-47691 | 2026-04-01 | N/A | ||
| Improper Control of Generation of Code ('Code Injection') vulnerability in Ultimate Member Ultimate Member ultimate-member allows Code Injection.This issue affects Ultimate Member: from n/a through <= 2.10.3. | ||||
| CVE-2025-47690 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Smackcoders Inc., Lead Form Data Collection to CRM wp-leads-builder-any-crm allows Privilege Escalation.This issue affects Lead Form Data Collection to CRM: from n/a through <= 3.1. | ||||
| CVE-2025-47689 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in johnh10 Video Blogster Lite video-blogster-lite allows Reflected XSS.This issue affects Video Blogster Lite: from n/a through <= 1.2. | ||||
| CVE-2025-47688 | 1 Advancedfilemanager | 1 Advanced File Manager | 2026-04-01 | 9.8 Critical |
| Missing Authorization vulnerability in Saad Iqbal Advanced File Manager file-manager-advanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced File Manager: from n/a through <= 5.3.1. | ||||
| CVE-2025-47687 | 1 Woocommerce | 1 Storekeeper | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for WooCommerce storekeeper-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects StoreKeeper for WooCommerce: from n/a through <= 14.4.4. | ||||
| CVE-2025-47686 | 1 Delucks | 1 Delucks Seo | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Stored XSS.This issue affects DELUCKS SEO: from n/a through <= 2.5.9. | ||||
| CVE-2025-47685 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Moloni Contribuinte Checkout contribuinte-checkout allows Stored XSS.This issue affects Contribuinte Checkout: from n/a through <= 2.0.03. | ||||
| CVE-2025-47684 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Smaily Smaily for WP smaily-for-wp allows Cross Site Request Forgery.This issue affects Smaily for WP: from n/a through <= 3.1.7. | ||||
| CVE-2025-47683 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in Florent Maillefaud WP Maintenance wp-maintenance allows Object Injection.This issue affects WP Maintenance: from n/a through <= 6.1.9.7. | ||||
| CVE-2025-47682 | 1 Cozyvision | 1 Sms Alert Order Notifications | 2026-04-01 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.1. | ||||
| CVE-2025-47681 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ability, Inc Web Accessibility with Max Access accessibility-toolbar allows Cross Site Request Forgery.This issue affects Web Accessibility with Max Access: from n/a through <= 2.0.9. | ||||
| CVE-2025-47680 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-tidy-tags xili-tidy-tags allows Reflected XSS.This issue affects xili-tidy-tags: from n/a through <= 1.12.06. | ||||
| CVE-2025-47679 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RS WP THEMES RS WP Book Showcase rs-wp-books-showcase allows DOM-Based XSS.This issue affects RS WP Book Showcase: from n/a through <= 6.7.59. | ||||
| CVE-2025-47678 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelCockpit FunnelCockpit funnelcockpit allows Reflected XSS.This issue affects FunnelCockpit: from n/a through <= 1.4.3. | ||||