Export limit exceeded: 341161 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341161 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341161 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-26867 | 2025-05-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in Themes4WP Bulk allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bulk: from n/a through 1.0.11. | ||||
| CVE-2025-26997 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in validas Wireless Butler allows Reflected XSS.This issue affects Wireless Butler: from n/a through 1.0.11. | ||||
| CVE-2025-27010 | 2025-05-21 | 8.1 High | ||
| Path Traversal: '.../...//' vulnerability in bslthemes Tastyc allows PHP Local File Inclusion.This issue affects Tastyc: from n/a before 2.5.2. | ||||
| CVE-2025-3078 | 2025-05-21 | 8.7 High | ||
| A passback vulnerability which relates to production printers and office multifunction printers. | ||||
| CVE-2025-3079 | 2025-05-21 | 8.7 High | ||
| A passback vulnerability which relates to office/small office multifunction printers and laser printers. | ||||
| CVE-2025-3223 | 2025-05-21 | 5.9 Medium | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in GE Vernova WorkstationST on Windows (EGD Configuration Server modules) allows Path Traversal.This issue affects WorkstationST: WorkstationST V07.10.10C and earlier. | ||||
| CVE-2025-39350 | 2025-05-21 | 8.2 High | ||
| Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0. | ||||
| CVE-2025-39357 | 2025-05-21 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla Hospital Management System allows SQL Injection.This issue affects Hospital Management System: from n/a through 47.0(20-11-2023). | ||||
| CVE-2025-39364 | 2025-05-21 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PluginEver Product Category Slider for WooCommerce allows PHP Local File Inclusion.This issue affects Product Category Slider for WooCommerce: from n/a through 4.3.4. | ||||
| CVE-2025-39365 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rocket Apps wProject allows Reflected XSS.This issue affects wProject: from n/a before 5.8.0. | ||||
| CVE-2025-39366 | 2025-05-21 | 8.8 High | ||
| Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0. | ||||
| CVE-2025-39371 | 2025-05-21 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sanjeev Mohindra Author Box Plugin With Different Description allows Cross Site Request Forgery.This issue affects Author Box Plugin With Different Description: from n/a through 1.3.5. | ||||
| CVE-2025-39372 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elbisnero WordPress Events Calendar Registration & Tickets allows Reflected XSS.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through 2.6.0. | ||||
| CVE-2025-39373 | 2025-05-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in jegtheme JNews.This issue affects JNews: from n/a through 11.6.5. | ||||
| CVE-2025-39374 | 2025-05-21 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in aseem1234 Best Posts Summary allows Stored XSS.This issue affects Best Posts Summary: from n/a through 1.0. | ||||
| CVE-2025-39376 | 2025-05-21 | 4.3 Medium | ||
| Missing Authorization vulnerability in QuanticaLabs Car Park Booking System for WordPress.This issue affects Car Park Booking System for WordPress: from n/a through 2.6. | ||||
| CVE-2025-39386 | 2025-05-21 | 9.3 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla Hospital Management System allows SQL Injection.This issue affects Hospital Management System: from n/a through 47.0(20-11-2023). | ||||
| CVE-2025-39388 | 2025-05-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in Solid Plugins AnalyticsWP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AnalyticsWP: from n/a through 2.0.0. | ||||
| CVE-2025-39389 | 2025-05-21 | 9.3 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solid Plugins AnalyticsWP allows SQL Injection.This issue affects AnalyticsWP: from n/a through 2.1.2. | ||||
| CVE-2025-39392 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla WPAMS allows Reflected XSS.This issue affects WPAMS: from n/a through 44.0 (17-08-2023). | ||||