Export limit exceeded: 75408 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75408 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46232 | 1 Alttext | 1 Alt Text Ai | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in alttextai Download Alt Text AI alttext-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Alt Text AI: from n/a through <= 1.9.93. | ||||
| CVE-2025-46231 | 1 Servit | 1 Affiliate-toolkit | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in SERVIT Software Solutions affiliate-toolkit affiliate-toolkit-starter allows Cross Site Request Forgery.This issue affects affiliate-toolkit: from n/a through <= 3.7.3. | ||||
| CVE-2025-39565 | 1 Melapress | 1 Melapress Login Security | 2026-04-01 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Melapress MelaPress Login Security melapress-login-security allows Object Injection.This issue affects MelaPress Login Security: from n/a through <= 2.1.0. | ||||
| CVE-2025-39507 | 1 Nasatheme | 1 Nasa Core | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core nasa-core allows PHP Local File Inclusion.This issue affects Nasa Core: from n/a through < 6.4.4. | ||||
| CVE-2025-39493 | 1 Valvepress | 1 Rankie | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in ValvePress Rankie valvepress-rankie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rankie: from n/a through < 1.8.2. | ||||
| CVE-2025-39482 | 1 Imithemes | 1 Eventer | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a through < 3.11.4. | ||||
| CVE-2025-39472 | 2 Wpweb, Wpwebelite | 2 Woocommerce Social Login, Woocommerce Social Login | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in wpweb WooCommerce Social Login woo-social-login allows Cross Site Request Forgery.This issue affects WooCommerce Social Login: from n/a through < 2.8.3. | ||||
| CVE-2025-39413 | 1 Wpgoplugins | 1 Simple Sitemap | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in David Gwyer Simple Sitemap – Create a Responsive HTML Sitemap simple-sitemap.This issue affects Simple Sitemap – Create a Responsive HTML Sitemap: from n/a through <= 3.6.0. | ||||
| CVE-2025-32280 | 1 Wedevs | 1 Wp Project Manager | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project Manager wedevs-project-manager allows Cross Site Request Forgery.This issue affects WP Project Manager: from n/a through < 2.6.25. | ||||
| CVE-2025-32220 | 1 Salonbookingsystem | 1 Salon Booking System | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon booking system: from n/a through <= 10.30.23. | ||||
| CVE-2025-32158 | 1 Athemes | 1 Athemes Addons For Elementor | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite.This issue affects aThemes Addons for Elementor: from n/a through <= 1.1.3. | ||||
| CVE-2025-32154 | 1 Catchthemes | 1 Catch Dark Mode | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Catch Themes Catch Dark Mode catch-dark-mode allows PHP Local File Inclusion.This issue affects Catch Dark Mode: from n/a through <= 2.0.1. | ||||
| CVE-2025-32151 | 2 Themekraft, Wordpress | 2 Buddyforms, Wordpress | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themekraft BuddyForms buddyforms allows PHP Local File Inclusion.This issue affects BuddyForms: from n/a through <= 2.9.0. | ||||
| CVE-2025-32149 | 2 Mtrv, Wordpress | 2 Teachpress, Wordpress | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in winkm89 teachPress teachpress allows SQL Injection.This issue affects teachPress: from n/a through <= 9.0.11. | ||||
| CVE-2025-31828 | 1 Easyappointments | 1 Easy\!appointments | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in alextselegidis Easy!Appointments easyappointments allows Cross Site Request Forgery.This issue affects Easy!Appointments: from n/a through <= 1.4.2. | ||||
| CVE-2025-31560 | 1 Salonbookingsystem | 1 Salon Booking System | 2026-04-01 | 7.2 High |
| Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Privilege Escalation.This issue affects Salon booking system: from n/a through < 10.15. | ||||
| CVE-2025-30974 | 2 Addonmaster, Wordpress | 2 Post Grid Master, Wordpress | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Akhtarujjaman Shuvo Post Grid Master ajax-filter-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid Master: from n/a through <= 3.4.17. | ||||
| CVE-2025-28876 | 1 Skrill | 1 Skrill | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Skrill_Team Skrill Official official-skrill-woocommerce allows Cross Site Request Forgery.This issue affects Skrill Official: from n/a through <= 1.0.66. | ||||
| CVE-2025-28868 | 1 Condenast | 1 Ziplist Recipe | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ZipList ZipList Recipe ziplist-recipe-plugin allows Cross Site Request Forgery.This issue affects ZipList Recipe: from n/a through <= 3.1. | ||||
| CVE-2025-28867 | 1 Stesvis | 1 Frontpage Category Filter | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in stesvis Frontpage category filter frontpage-category-filter allows Cross Site Request Forgery.This issue affects Frontpage category filter: from n/a through <= 1.0.2. | ||||