Export limit exceeded: 84928 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (84928 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27362 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Petito bw-petito allows PHP Local File Inclusion.This issue affects Petito: from n/a through < 1.6.6. | ||||
| CVE-2025-27361 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thhake Photo Express for Google photo-express-for-google allows Reflected XSS.This issue affects Photo Express for Google: from n/a through <= 0.3.2. | ||||
| CVE-2025-27355 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Nicolas GRILLET Woocommerce – Loi Hamon loi-hamon allows Stored XSS.This issue affects Woocommerce – Loi Hamon: from n/a through <= 1.1.0. | ||||
| CVE-2025-27354 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in phil88530 Simple Email Subscriber simple-email-subscriber allows Reflected XSS.This issue affects Simple Email Subscriber: from n/a through <= 2.3. | ||||
| CVE-2025-27352 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wumii team 无觅相关文章插件 wumii-related-posts allows Stored XSS.This issue affects 无觅相关文章插件: from n/a through <= 1.0.5.7. | ||||
| CVE-2025-27350 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hugh Mungus Vice Versa vice-versa allows Reflected XSS.This issue affects Vice Versa: from n/a through <= 2.2.3. | ||||
| CVE-2025-27345 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Deetronix Booking Ultra Pro booking-ultra-pro allows Reflected XSS.This issue affects Booking Ultra Pro: from n/a through <= 1.1.19. | ||||
| CVE-2025-27343 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop WooCommerce HTML5 Video woocommerce-html5-video allows Reflected XSS.This issue affects WooCommerce HTML5 Video: from n/a through <= 1.7.10. | ||||
| CVE-2025-27338 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in graphems List Urls list-urls allows Reflected XSS.This issue affects List Urls: from n/a through <= 0.2. | ||||
| CVE-2025-27337 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kontur Fontsampler fontsampler allows Reflected XSS.This issue affects Fontsampler: from n/a through <= 0.4.14. | ||||
| CVE-2025-27333 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alvego Protected wp-login protected-wp-login allows Reflected XSS.This issue affects Protected wp-login: from n/a through <= 2.1. | ||||
| CVE-2025-27332 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in gmnazmul Smart Maintenance & Countdown smart-maintenance-countdown allows Stored XSS.This issue affects Smart Maintenance & Countdown: from n/a through <= 1.2. | ||||
| CVE-2025-27324 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 17track 17TRACK for WooCommerce 17track allows Reflected XSS.This issue affects 17TRACK for WooCommerce: from n/a through <= 1.2.10. | ||||
| CVE-2025-27322 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bappa Mal QR Code for WooCommerce wc-qr-codes allows Reflected XSS.This issue affects QR Code for WooCommerce: from n/a through <= 1.2.0. | ||||
| CVE-2025-27321 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Blighty Blightly Explorer blighty-explorer allows Stored XSS.This issue affects Blightly Explorer: from n/a through <= 2.3.0. | ||||
| CVE-2025-27319 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ivan82 User List user-list allows Reflected XSS.This issue affects User List: from n/a through <= 1.5.1. | ||||
| CVE-2025-27314 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kush Sharma Kush Micro News kush-micro-news allows Stored XSS.This issue affects Kush Micro News: from n/a through <= 1.6.7. | ||||
| CVE-2025-27313 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bernd Altmeier Google Maps GPX Viewer google-maps-gpx-viewer allows Reflected XSS.This issue affects Google Maps GPX Viewer: from n/a through <= 3.6. | ||||
| CVE-2025-27312 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jenst WP Sitemap wp-sitemap allows SQL Injection.This issue affects WP Sitemap: from n/a through <= 1.0. | ||||
| CVE-2025-27309 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeannot Muller flickr-slideshow-wrapper flickr-slideshow-wrapper allows Stored XSS.This issue affects flickr-slideshow-wrapper: from n/a through <= 5.4.6. | ||||