\ CVEs and Security Vulnerabilities

Export limit exceeded: 341935 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found '\' (at char 27), (line:1, col:28)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341935 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-50035			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through <= 3.1.
CVE-2025-50034			2026-04-01	N/A
Missing Authorization vulnerability in Mahmudul Hasan Arif Enhanced Blocks – Page Builder Blocks for Gutenberg enhanced-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Blocks – Page Builder Blocks for Gutenberg: from n/a through <= 1.4.1.
CVE-2025-50033			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sparklewpthemes Fitness Park fitness-park allows DOM-Based XSS.This issue affects Fitness Park: from n/a through <= 1.1.1.
CVE-2025-50032			2026-04-01	N/A
Missing Authorization vulnerability in Paytiko - Payment Orchestration Platform Paytiko for WooCommerce paytiko allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Paytiko for WooCommerce: from n/a through <= 1.3.21.
CVE-2025-50031	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in syedamirhussain91 DB Backup db-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DB Backup: from n/a through <= 6.0.
CVE-2025-50030			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sparklewpthemes Spark Multipurpose spark-multipurpose allows DOM-Based XSS.This issue affects Spark Multipurpose: from n/a through <= 1.0.7.
CVE-2025-50029	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Ashish AI Tools artificial-intelligence-auto-content-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Tools: from n/a through <= 4.0.7.
CVE-2025-50028			2026-04-01	N/A
Missing Authorization vulnerability in CodeSolz Ultimate Push Notifications ultimate-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Push Notifications: from n/a through <= 1.2.0.
CVE-2025-50027			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xootix Login/Signup Popup easy-login-woocommerce allows Stored XSS.This issue affects Login/Signup Popup: from n/a through <= 2.9.4.
CVE-2025-50026			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spoki Spoki spoki allows Stored XSS.This issue affects Spoki: from n/a through <= 2.17.0.
CVE-2025-50025			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople CP Polls cp-polls allows Stored XSS.This issue affects CP Polls: from n/a through <= 1.0.81.
CVE-2025-50024			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Truong Thanh ATP Call Now atp-call-now allows Stored XSS.This issue affects ATP Call Now: from n/a through <= 1.0.3.
CVE-2025-50023			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Coyier CodePen Embed Block codepen-embed-block allows Stored XSS.This issue affects CodePen Embed Block: from n/a through <= 1.2.0.
CVE-2025-50022			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JK WP-FB-AutoConnect wp-fb-autoconnect allows Stored XSS.This issue affects WP-FB-AutoConnect: from n/a through <= 4.6.4.
CVE-2025-50021			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Peake Better Random Redirect better-random-redirect allows Stored XSS.This issue affects Better Random Redirect: from n/a through <= 1.3.20.
CVE-2025-50020			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nitin Yawalkar RDFa Breadcrumb rdfa-breadcrumb allows Stored XSS.This issue affects RDFa Breadcrumb: from n/a through <= 2.3.
CVE-2025-50019			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sandor Kovacs Simple Sticky Footer simple-sticky-footer allows Stored XSS.This issue affects Simple Sticky Footer : from n/a through <= 1.3.5.
CVE-2025-50018			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through <= 2.1.20.
CVE-2025-50017			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt WP Voting Contest wp-voting-contest allows Stored XSS.This issue affects WP Voting Contest: from n/a through <= 5.8.
CVE-2025-50016			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brijeshk89 IP Based Login ip-based-login allows Stored XSS.This issue affects IP Based Login: from n/a through <= 2.4.2.

« first previous Page 96 of 17097. next last »