Export limit exceeded: 343228 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 343228 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 75095 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75095 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64209 | 2 Stylemixthemes, Wordpress | 2 Masterstudy Lms, Wordpress | 2026-04-01 | 7.5 High |
| Missing Authorization vulnerability in StylemixThemes Masterstudy masterstudy allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Masterstudy: from n/a through < 4.8.122. | ||||
| CVE-2025-64207 | 2 Tielabs, Wordpress | 2 Jannah, Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TieLabs Jannah jannah allows DOM-Based XSS.This issue affects Jannah: from n/a through <= 7.6.0. | ||||
| CVE-2025-64205 | 2 Tielabs, Wordpress | 2 Jannah, Wordpress | 2026-04-01 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through <= 7.6.0. | ||||
| CVE-2025-64203 | 2 Mailster, Wordpress | 2 Mailster, Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EverPress Mailster mailster allows Reflected XSS.This issue affects Mailster: from n/a through < 4.1.14. | ||||
| CVE-2025-64198 | 2 Appscreo, Wordpress | 2 Easy Social Share Buttons, Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in appscreo Easy Social Share Buttons easy-social-share-buttons3 allows Reflected XSS.This issue affects Easy Social Share Buttons: from n/a through < 10.7.1. | ||||
| CVE-2025-64196 | 3 Booster, Pluggabl, Wordpress | 3 Booster For Woocommerce, Booster For Woocommerce, Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Reflected XSS.This issue affects Booster for WooCommerce: from n/a through <= 7.2.5. | ||||
| CVE-2025-64195 | 2 Thimpress, Wordpress | 2 Eduma, Wordpress | 2026-04-01 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress Eduma eduma allows PHP Local File Inclusion.This issue affects Eduma: from n/a through <= 5.7.6. | ||||
| CVE-2025-64193 | 2 8theme, Wordpress | 2 Xstore, Wordpress | 2026-04-01 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through < 9.6.1. | ||||
| CVE-2025-64191 | 2 8theme, Wordpress | 2 Xstore, Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore xstore allows Reflected XSS.This issue affects XStore: from n/a through < 9.6.1. | ||||
| CVE-2025-64189 | 2 8theme, Wordpress | 2 Xstore Core, Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS.This issue affects XStore Core: from n/a through < 5.6. | ||||
| CVE-2025-6326 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Inset inset allows PHP Local File Inclusion.This issue affects Inset: from n/a through <= 1.18.0. | ||||
| CVE-2025-6324 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MatrixAddons Easy Invoice easy-invoice allows DOM-Based XSS.This issue affects Easy Invoice: from n/a through <= 2.0.9. | ||||
| CVE-2025-63076 | 2 Dream-theme, Wordpress | 2 The7, Wordpress | 2026-04-01 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dream-Theme The7 Elements dt-the7-core allows PHP Local File Inclusion.This issue affects The7 Elements: from n/a through <= 2.7.11. | ||||
| CVE-2025-63062 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.6 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AndonDesign UDesign Core u-design-core allows PHP Local File Inclusion.This issue affects UDesign Core: from n/a through <= 4.14.0. | ||||
| CVE-2025-63036 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DFDevelopment Ronneby Theme Core ronneby-core allows PHP Local File Inclusion.This issue affects Ronneby Theme Core: from n/a through <= 1.5.68. | ||||
| CVE-2025-63019 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in Johan Jonk Stenström Cookies and Content Security Policy cookies-and-content-security-policy allows Retrieve Embedded Sensitive Data.This issue affects Cookies and Content Security Policy: from n/a through <= 2.34. | ||||
| CVE-2025-63018 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in wproyal Bard bard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bard: from n/a through <= 2.229. | ||||
| CVE-2025-63017 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through <= 1.6.6. | ||||
| CVE-2025-63003 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes North - Required Plugin north-plugin allows PHP Local File Inclusion.This issue affects North - Required Plugin: from n/a through <= 1.4.2. | ||||
| CVE-2025-62986 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in FanBridge FanBridge signup fanbridge-signup allows Stored XSS.This issue affects FanBridge signup: from n/a through <= 0.6. | ||||