Export limit exceeded: 341885 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341885 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-52806 | 2 Eyecix, Wordpress | 2 Jobsearch, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in eyecix JobSearch wp-jobsearch allows PHP Local File Inclusion.This issue affects JobSearch: from n/a through < 3.0.8. | ||||
| CVE-2025-52805 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Path Traversal: '.../...//' vulnerability in VaultDweller Leyka leyka allows PHP Local File Inclusion.This issue affects Leyka: from n/a through <= 3.32.1. | ||||
| CVE-2025-52804 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in uxper Nuss nuss allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Nuss: from n/a through <= 1.3.7.1. | ||||
| CVE-2025-52802 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in enguerranws Import YouTube videos as WP Posts import-youtube-videos-as-wp-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Import YouTube videos as WP Posts: from n/a through <= 2.1. | ||||
| CVE-2025-52801 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in VonStroheim TheBooking thebooking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects TheBooking: from n/a through <= 1.4.4. | ||||
| CVE-2025-52800 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP profitori allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects The E-Commerce ERP: from n/a through <= 2.1.1.3. | ||||
| CVE-2025-52799 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes LMS lms allows Reflected XSS.This issue affects LMS: from n/a through <= 9.2. | ||||
| CVE-2025-52798 | 2 Eyecix, Wordpress | 2 Jobsearch, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through < 3.0.6. | ||||
| CVE-2025-52797 | 2 Josepsitjar, Wordpress | 2 Storymap, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in josepsitjar StoryMap wp-storymap allows SQL Injection.This issue affects StoryMap: from n/a through <= 2.1. | ||||
| CVE-2025-52795 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Cross Site Request Forgery.This issue affects WP Front User Submit / Front Editor: from n/a through <= 5.0.6. | ||||
| CVE-2025-52794 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Creative-Solutions Creative Contact Form sexy-contact-form allows Stored XSS.This issue affects Creative Contact Form: from n/a through <= 1.0.0. | ||||
| CVE-2025-52793 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Esselink.nu Esselink.nu Settings esselinknu-settings allows Reflected XSS.This issue affects Esselink.nu Settings: from n/a through <= 4.5. | ||||
| CVE-2025-52792 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in vgstef WP User Stylesheet Switcher wp-user-stylesheet-switcher allows Stored XSS.This issue affects WP User Stylesheet Switcher: from n/a through <= v2.2.0. | ||||
| CVE-2025-52791 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in devfelixmoira Knowledge Base – Knowledge Base Maker knowledge-base-maker allows Stored XSS.This issue affects Knowledge Base – Knowledge Base Maker: from n/a through <= 1.1.8. | ||||
| CVE-2025-52790 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in r-win WP-DownloadCounter wp-downloadcounter allows Stored XSS.This issue affects WP-DownloadCounter: from n/a through <= 1.01. | ||||
| CVE-2025-52789 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in George Lewe Lewe ChordPress chordpress allows Stored XSS.This issue affects Lewe ChordPress: from n/a through <= 4.0.1. | ||||
| CVE-2025-52788 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson CaptionPix captionpix allows Reflected XSS.This issue affects CaptionPix: from n/a through <= 1.8. | ||||
| CVE-2025-52787 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EZiHosting Tennis Court Bookings tennis-court-bookings allows Reflected XSS.This issue affects Tennis Court Bookings: from n/a through <= 1.2.7. | ||||
| CVE-2025-52786 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kingdom Creation Media Folder media-folder allows Reflected XSS.This issue affects Media Folder: from n/a through <= 1.0.0. | ||||
| CVE-2025-52785 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in softnwords SMM API smm-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMM API: from n/a through <= 6.0.31. | ||||