Export limit exceeded: 346267 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346267 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23442 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in mschertel Shockingly Big IE6 Warning shockingly-big-ie6-warning allows Stored XSS.This issue affects Shockingly Big IE6 Warning: from n/a through <= 1.6.3. | ||||
| CVE-2025-23441 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dkukral Attach Gallery Posts attach-gallery-posts allows Reflected XSS.This issue affects Attach Gallery Posts: from n/a through <= 1.6. | ||||
| CVE-2025-23440 | 2026-04-23 | 6.3 Medium | ||
| Missing Authorization vulnerability in radicaldesigns radSLIDE radslide allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects radSLIDE: from n/a through <= 2.1. | ||||
| CVE-2025-23439 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in willshouse TinyMCE Extended Config tinymce-extended-config allows Reflected XSS.This issue affects TinyMCE Extended Config: from n/a through <= 0.1.0. | ||||
| CVE-2025-23438 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vincent Mimoun-Prat WP PT-Viewer wp-ptviewer allows Reflected XSS.This issue affects WP PT-Viewer: from n/a through <= 2.0.2. | ||||
| CVE-2025-23437 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nord_tramper ntp-header-images header-images-rotator allows Reflected XSS.This issue affects ntp-header-images: from n/a through <= 1.2. | ||||
| CVE-2025-23436 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in capa Wp-Scribd-List wp-scribd-list allows Stored XSS.This issue affects Wp-Scribd-List: from n/a through <= 1.2. | ||||
| CVE-2025-23435 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in marcucci Password Protect Plugin for WordPress password-protect-plugin-for-wordpress allows Stored XSS.This issue affects Password Protect Plugin for WordPress: from n/a through <= 0.8.1.0. | ||||
| CVE-2025-23433 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jnwry vcOS vcos allows Reflected XSS.This issue affects vcOS: from n/a through <= 1.4.0. | ||||
| CVE-2025-23431 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in khaninejad Envato Affiliater envato-affiliater allows Reflected XSS.This issue affects Envato Affiliater: from n/a through <= 1.2.4. | ||||
| CVE-2025-23430 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Oren Yomtov Mass Custom Fields Manager mass-custom-fields-manager allows Reflected XSS.This issue affects Mass Custom Fields Manager: from n/a through <= 1.5. | ||||
| CVE-2025-23428 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arash Safari QMean – WordPress Did You Mean qmean allows Reflected XSS.This issue affects QMean – WordPress Did You Mean: from n/a through <= 2.0. | ||||
| CVE-2025-23427 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Anderson / Team Updraft Redux Converter redux-converter allows Reflected XSS.This issue affects Redux Converter: from n/a through <= 1.1.3.1. | ||||
| CVE-2025-23426 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Binesh Dobhal go Social go-social allows Stored XSS.This issue affects go Social: from n/a through <= 1.0. | ||||
| CVE-2025-23425 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in marekki Marekkis Watermark marekkis-watermark allows Reflected XSS.This issue affects Marekkis Watermark: from n/a through <= 0.9.4. | ||||
| CVE-2025-23424 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in bnovotny Marquee Style RSS News Ticker marquee-style-rss-news-ticker allows Cross Site Request Forgery.This issue affects Marquee Style RSS News Ticker: from n/a through <= 3.2.0. | ||||
| CVE-2025-23423 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in Smackcoders Inc., SendGrid for WordPress wp-sendgrid-mailer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SendGrid for WordPress: from n/a through <= 1.4. | ||||
| CVE-2025-23422 | 2026-04-23 | 7.5 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in moaluko Store Locator store-locator allows PHP Local File Inclusion.This issue affects Store Locator: from n/a through <= 3.98.10. | ||||
| CVE-2025-22827 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in joomag WP Joomag wp-joomag allows DOM-Based XSS.This issue affects WP Joomag: from n/a through <= 2.5.2. | ||||
| CVE-2025-22826 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpecommerce Sell Digital Downloads sell-digital-downloads allows Stored XSS.This issue affects Sell Digital Downloads: from n/a through <= 2.2.7. | ||||