Xt\ CVEs and Security Vulnerabilities

Export limit exceeded: 341827 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 25), (line:1, col:26)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341827 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-57929	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kanwei_doublethedonation Double the Donation double-the-donation allows Stored XSS.This issue affects Double the Donation: from n/a through <= 2.0.0.
CVE-2025-57928	2 Strategy11, Wordpress	2 Awp Classifieds, Wordpress	2026-04-01	N/A
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Code Injection.This issue affects AWP Classifieds: from n/a through <= 4.4.3.
CVE-2025-57927	2 Stephanie Leary, Wordpress	2 Dashboard Notepad, Wordpress	2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in Stephanie Leary Dashboard Notepad dashboard-notepad allows Cross Site Request Forgery.This issue affects Dashboard Notepad: from n/a through <= 1.42.
CVE-2025-57926	2 Wordpress, Wpchill	2 Wordpress, Passster	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Passster content-protector allows Stored XSS.This issue affects Passster: from n/a through <= 4.2.18.
CVE-2025-57925	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in immonex immonex Kickstart Team immonex-kickstart-team allows PHP Local File Inclusion.This issue affects immonex Kickstart Team: from n/a through <= 1.6.9.
CVE-2025-57923	1 Wordpress	1 Wordpress	2026-04-01	N/A
Insertion of Sensitive Information Into Sent Data vulnerability in Ideal Postcodes UK Address Postcode Validation uk-address-postcode-validation allows Retrieve Embedded Sensitive Data.This issue affects UK Address Postcode Validation: from n/a through <= 3.9.2.
CVE-2025-57922	3 Coordinadora Mercantil, Woocommerce, Wordpress	3 Envios Coordinadora, Woocommerce, Wordpress	2026-04-01	N/A
Insertion of Sensitive Information Into Sent Data vulnerability in Coordinadora Mercantil S.A. Envíos Coordinadora Woocommerce coordinadora allows Retrieve Embedded Sensitive Data.This issue affects Envíos Coordinadora Woocommerce: from n/a through <= 1.1.32.
CVE-2025-57921	2 Najeebmedia, Wordpress	2 Frontend File Manager, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through <= 23.3.
CVE-2025-57920	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CK MacLeod Category Featured Images Extended category-featured-images-extended allows Stored XSS.This issue affects Category Featured Images Extended: from n/a through <= 1.52.
CVE-2025-57919	2 Conveythis, Wordpress	2 Language Translate Widget For Wordpress Conveythis, Wordpress	2026-04-01	N/A
Deserialization of Untrusted Data vulnerability in ConveyThis ConveyThis conveythis-translate allows Object Injection.This issue affects ConveyThis: from n/a through <= 269.1.
CVE-2025-57918	1 Wordpress	1 Wordpress	2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in ERA404 LinkedInclude linkedinclude allows Stored XSS.This issue affects LinkedInclude: from n/a through <= 3.0.4.
CVE-2025-57917	3 Printcart, Woocommerce, Wordpress	3 Web To Print Product Designer, Woocommerce, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through <= 2.4.8.
CVE-2025-57916	1 Wordpress	1 Wordpress	2026-04-01	N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Nurul Amin WP System Information wp-system-info allows Retrieve Embedded Sensitive Data.This issue affects WP System Information: from n/a through <= 1.5.
CVE-2025-57915	2 Tochat Be, Wordpress	2 Tochat Be, Wordpress	2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in César Martín TOCHAT.BE tochat-be allows Cross Site Request Forgery.This issue affects TOCHAT.BE: from n/a through <= 1.3.4.
CVE-2025-57914	3 Matat Technologies, Woocommerce, Wordpress	3 Deliver Via Shipos, Woocommerce, Wordpress	2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through <= 3.0.2.
CVE-2025-57913	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eleopard Behance Portfolio Manager portfolio-manager-powered-by-behance allows Stored XSS.This issue affects Behance Portfolio Manager: from n/a through <= 1.7.5.
CVE-2025-57912	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dialogity Dialogity Free Live Chat dialogity-website-chat allows Stored XSS.This issue affects Dialogity Free Live Chat: from n/a through <= 1.0.3.
CVE-2025-57911	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Adverts adverts-click-tracker allows DOM-Based XSS.This issue affects Adverts: from n/a through <= 1.4.
CVE-2025-57910	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AnyClip Video Platform AnyClip Luminous Studio anyclip-media allows Stored XSS.This issue affects AnyClip Luminous Studio: from n/a through <= 1.3.3.
CVE-2025-57909	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Rouergue Création Editor Custom Color Palette editor-custom-color-palette allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Editor Custom Color Palette: from n/a through <= 3.5.6.

« first previous Page 56 of 17092. next last »