Export limit exceeded: 341868 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341868 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58234 | 2 Joomsky, Wordpress | 2 Js Job Manager, Wordpress | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Job Manager js-jobs allows Stored XSS.This issue affects JS Job Manager: from n/a through <= 2.0.2. | ||||
| CVE-2025-58233 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Guaven Labs SQL Chart Builder sql-chart-builder allows DOM-Based XSS.This issue affects SQL Chart Builder: from n/a through <= 2.3.7.2. | ||||
| CVE-2025-58232 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ickata Image Editor by Pixo image-editor-by-pixo allows DOM-Based XSS.This issue affects Image Editor by Pixo: from n/a through <= 2.3.8. | ||||
| CVE-2025-58231 | 2 Bitly, Wordpress | 2 Bitly, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bitlydeveloper Bitly wp-bitly allows Stored XSS.This issue affects Bitly: from n/a through <= 2.8.0. | ||||
| CVE-2025-58230 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdthemes ZoloBlocks zoloblocks allows DOM-Based XSS.This issue affects ZoloBlocks: from n/a through <= 2.3.12. | ||||
| CVE-2025-58229 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Sitekit sitekit allows Stored XSS.This issue affects Sitekit: from n/a through <= 2.0. | ||||
| CVE-2025-58228 | 3 Shapedplugin, Woocommerce, Wordpress | 3 Quick View, Woocommerce, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShapedPlugin LLC Quick View for WooCommerce woo-quickview allows Stored XSS.This issue affects Quick View for WooCommerce: from n/a through <= 2.2.16. | ||||
| CVE-2025-58227 | 2 Podlove, Wordpress | 2 Podlove Subscribe Button, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexander Lueken Podlove Subscribe button podlove-subscribe-button allows Stored XSS.This issue affects Podlove Subscribe button: from n/a through <= 1.3.11. | ||||
| CVE-2025-58226 | 2 Iberezansky, Wordpress | 2 3d Flipbook, Wordpress | 2026-04-01 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in iberezansky 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery interactive-3d-flipbook-powered-physics-engine allows Retrieve Embedded Sensitive Data.This issue affects 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery: from n/a through <= 1.16.16. | ||||
| CVE-2025-58223 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Taylor VoucherPress voucherpress allows Stored XSS.This issue affects VoucherPress: from n/a through <= 1.5.7. | ||||
| CVE-2025-58222 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Maidul Team Manager wp-team-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team Manager: from n/a through <= 2.5.1. | ||||
| CVE-2025-58221 | 2 Ontraport, Wordpress | 2 Pilotpress, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in ONTRAPORT PilotPress pilotpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PilotPress: from n/a through <= 2.0.36. | ||||
| CVE-2025-58220 | 2 Techeshta, Wordpress | 2 Card Elements For Wpbakery, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Techeshta Card Elements for WPBakery card-elements-for-wpbakery allows DOM-Based XSS.This issue affects Card Elements for WPBakery: from n/a through <= 1.0.8. | ||||
| CVE-2025-58219 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in LIJE Show Pages List show-pages-list allows Cross Site Request Forgery.This issue affects Show Pages List: from n/a through <= 1.2.0. | ||||
| CVE-2025-58218 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition small-package-quotes-usps-edition allows Object Injection.This issue affects Small Package Quotes – USPS Edition: from n/a through <= 1.3.9. | ||||
| CVE-2025-58217 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in GeroNikolov Instant Breaking News instant-breaking-news allows Stored XSS.This issue affects Instant Breaking News: from n/a through <= 1.0. | ||||
| CVE-2025-58216 | 2 Jgwhite33, Wordpress | 2 Wp Thumbtack Review Slider, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP Thumbtack Review Slider wp-thumbtack-review-slider allows Stored XSS.This issue affects WP Thumbtack Review Slider: from n/a through <= 2.6. | ||||
| CVE-2025-58215 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Ziston ziston allows PHP Local File Inclusion.This issue affects Ziston: from n/a through < 1.4.5. | ||||
| CVE-2025-58214 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Indutri indutri allows PHP Local File Inclusion.This issue affects Indutri: from n/a through < 1.3.0. | ||||
| CVE-2025-58213 | 2 Ameliabooking, Wordpress | 2 Booking System Trafft, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ameliabooking Booking System Trafft booking-system-trafft allows Stored XSS.This issue affects Booking System Trafft: from n/a through <= 1.0.14. | ||||