Export limit exceeded: 342480 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342480 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53239 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bnovotny User Registration Aide user-registration-aide allows Reflected XSS.This issue affects User Registration Aide: from n/a through <= 1.5.3.8. | ||||
| CVE-2025-53237 | 2 Soflyy, Wordpress | 2 Wp Wizard Cloak, Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Soflyy WP Wizard Cloak wp-wizard-cloak allows Reflected XSS.This issue affects WP Wizard Cloak: from n/a through <= 1.0.1. | ||||
| CVE-2025-53236 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 6.3 Medium |
| Missing Authorization vulnerability in AndonDesign UDesign Core u-design-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UDesign Core: from n/a through <= 4.14.0. | ||||
| CVE-2025-53234 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign Core u-design-core allows Reflected XSS.This issue affects UDesign Core: from n/a through <= 4.14.0. | ||||
| CVE-2025-53233 | 2 Rylanh, Wordpress | 2 Storyform, Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RylanH Storyform storyform allows Reflected XSS.This issue affects Storyform: from n/a through <= 0.6.14. | ||||
| CVE-2025-53232 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 5.8 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in inkthemes WP Gmail SMTP wp-gmail-smtp allows Retrieve Embedded Sensitive Data.This issue affects WP Gmail SMTP: from n/a through <= 1.0.7. | ||||
| CVE-2025-53231 | 2 Wordpress, Wpdevstudio | 2 Wordpress, Easy Taxonomy Images | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevstudio Easy Taxonomy Images easy-taxonomy-images allows Stored XSS.This issue affects Easy Taxonomy Images: from n/a through <= 1.0.1. | ||||
| CVE-2025-53229 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kamleshyadav RockON DJ rockon allows Reflected XSS.This issue affects RockON DJ: from n/a through <= 3.3. | ||||
| CVE-2025-53228 | 2 Jezza101, Wordpress | 2 Bbpress Simple Advert Units, Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jezza101 bbpress Simple Advert Units bbpress-simple-advert-units allows Reflected XSS.This issue affects bbpress Simple Advert Units: from n/a through <= 0.41. | ||||
| CVE-2025-53218 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 5.8 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts allows Retrieve Embedded Sensitive Data.This issue affects AppExperts: from n/a through <= 1.4.5. | ||||
| CVE-2025-53217 | 2 Staviravn, Wordpress | 2 Aio Wp Builder, Wordpress | 2026-04-01 | 7.6 High |
| Missing Authorization vulnerability in staviravn AIO WP Builder all-in-one-wp-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO WP Builder: from n/a through <= 2.0.2. | ||||
| CVE-2025-53214 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 9.1 Critical |
| Missing Authorization vulnerability in sertifier Sertifier Certificate & Badge Maker sertifier-certificates-open-badges allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sertifier Certificate & Badge Maker: from n/a through <= 1.21. | ||||
| CVE-2025-52773 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hiecor HieCOR Payment Gateway Plugin hcv4-payment-gateway allows SQL Injection.This issue affects HieCOR Payment Gateway Plugin: from n/a through <= 1.5.11. | ||||
| CVE-2025-52770 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in appscreo Hello Followers hellofollowers allows Reflected XSS.This issue affects Hello Followers: from n/a through <= 2.5. | ||||
| CVE-2025-52768 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Faith & Hope faith-hope allows PHP Local File Inclusion.This issue affects Faith & Hope: from n/a through <= 2.13.0. | ||||
| CVE-2025-52764 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in marielav flexoslider flexoslider allows Reflected XSS.This issue affects flexoslider: from n/a through <= 1.0004. | ||||
| CVE-2025-52763 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through <= 1.08. | ||||
| CVE-2025-52762 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flexostudio flexo-posts-manager flexo-posts-manager allows Reflected XSS.This issue affects flexo-posts-manager: from n/a through <= 1.0001. | ||||
| CVE-2025-52760 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Globalis MultiSite Clone Duplicator multisite-clone-duplicator allows Reflected XSS.This issue affects MultiSite Clone Duplicator: from n/a through <= 1.5.3. | ||||
| CVE-2025-52758 | 2 Gesundheit-bewegt, Wordpress | 2 Zippy, Wordpress | 2026-04-01 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy zippy allows Using Malicious Files.This issue affects Zippy: from n/a through <= 1.7.0. | ||||