Export limit exceeded: 341843 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341843 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58020 | 2 Jeroen Schmit, Wordpress | 2 Theater For Wordpress, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress theatre allows Stored XSS.This issue affects Theater for WordPress: from n/a through <= 0.18.8. | ||||
| CVE-2025-58019 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Search Atlas Group Search Atlas SEO metasync allows Stored XSS.This issue affects Search Atlas SEO: from n/a through <= 2.5.4. | ||||
| CVE-2025-58018 | 2 Richard Leishman, Wordpress | 2 Mail Subscribe List, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard Leishman Mail Subscribe List mail-subscribe-list allows Stored XSS.This issue affects Mail Subscribe List: from n/a through <= 2.1.10. | ||||
| CVE-2025-58017 | 2 Bdthemes, Wordpress | 2 Utlimate Store Kit Elementor Addons, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through <= 2.8.6. | ||||
| CVE-2025-58016 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Codexpert, Inc CF7 Submissions cf7-submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Submissions: from n/a through <= 0.26. | ||||
| CVE-2025-58015 | 2 Ays-pro, Wordpress | 2 Quiz Maker, Wordpress | 2026-04-01 | 7.5 High |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro Quiz Maker quiz-maker allows Retrieve Embedded Sensitive Data.This issue affects Quiz Maker: from n/a through <= 6.7.0.65. | ||||
| CVE-2025-58014 | 2 Ays-pro, Wordpress | 2 Quiz Maker, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.0.64. | ||||
| CVE-2025-58013 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation.This issue affects CouponXxL: from n/a through <= 4.5.0. | ||||
| CVE-2025-58012 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Authorization Bypass Through User-Controlled Key vulnerability in Alex Content Mask content-mask allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Content Mask: from n/a through <= 1.8.5.3. | ||||
| CVE-2025-58011 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in Alex Content Mask content-mask allows Server Side Request Forgery.This issue affects Content Mask: from n/a through <= 1.8.5.2. | ||||
| CVE-2025-58010 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in straightvisions GmbH SV Proven Expert sv-provenexpert allows Cross Site Request Forgery.This issue affects SV Proven Expert: from n/a through <= 2.0.06. | ||||
| CVE-2025-58009 | 2 Cp Multi View Event Calendar Project, Wordpress | 2 Cp Multi View Event Calendar, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through <= 1.4.35. | ||||
| CVE-2025-58008 | 2 Wordpress, Xnau | 2 Wordpress, Participants Database | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xnau webdesign Participants Database participants-database allows Stored XSS.This issue affects Participants Database: from n/a through <= 2.7.6.3. | ||||
| CVE-2025-58007 | 2 Nerdpress, Wordpress | 2 Social Pug Wordpress, Wordpress | 2026-04-01 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NerdPress Hubbub Lite social-pug allows Retrieve Embedded Sensitive Data.This issue affects Hubbub Lite: from n/a through <= 1.35.2. | ||||
| CVE-2025-58006 | 2 Crm Perks, Wordpress | 2 Wp Gravity Forms Keap/infusionsoft, Wordpress | 2026-04-01 | N/A |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Phishing.This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through <= 1.2.6. | ||||
| CVE-2025-58005 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft DriCub dricub-driving-school allows Server Side Request Forgery.This issue affects DriCub: from n/a through <= 2.9. | ||||
| CVE-2025-58004 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in SmartDataSoft DriCub dricub-driving-school allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DriCub: from n/a through <= 2.9. | ||||
| CVE-2025-58003 | 2 Javothemes, Wordpress | 2 Javo Core, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in javothemes Javo Core javo-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Javo Core: from n/a through <= 3.0.0.266. | ||||
| CVE-2025-58002 | 2 Bbpress, Wordpress | 2 Bbpress, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Milan Petrovic GD bbPress Tools gd-bbpress-tools allows DOM-Based XSS.This issue affects GD bbPress Tools: from n/a through <= 3.5.3. | ||||
| CVE-2025-58001 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Compact Archives compact-archives allows Stored XSS.This issue affects Compact Archives: from n/a through <= 4.1.0. | ||||