\ CVEs and Security Vulnerabilities

Export limit exceeded: 346314 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found '\' (at char 29), (line:1, col:30)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346314 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-58682	2 Wordpress, Wp-kama	2 Wordpress, Kama Click Counter	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timur Kamaev Kama Click Counter kama-clic-counter allows Stored XSS.This issue affects Kama Click Counter: from n/a through <= 4.0.4.
CVE-2025-58681	1 Wordpress	1 Wordpress	2026-04-23	5.3 Medium
Missing Authorization vulnerability in Jürgen Müller Easy Quotes easy-quotes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Quotes: from n/a through <= 1.2.4.
CVE-2025-58680	2 Gutentor, Wordpress	2 Gutentor, Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in gutentor Gutentor gutentor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutentor: from n/a through <= 3.5.2.
CVE-2025-58679	2 Appmysite, Wordpress	2 Appmysite, Wordpress	2026-04-23	5.3 Medium
Missing Authorization vulnerability in AppMySite AppMySite appmysite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AppMySite: from n/a through <= 3.15.0.
CVE-2025-58678	2 Pickplugins, Wordpress	2 Accordion, Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in PickPlugins Accordion accordions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion: from n/a through <= 2.3.15.
CVE-2025-58677	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in puravida1976 ShrinkTheWeb (STW) Website Previews shrinktheweb-website-preview-plugin allows Stored XSS.This issue affects ShrinkTheWeb (STW) Website Previews: from n/a through <= 2.8.5.
CVE-2025-58676	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in extendyourweb HORIZONTAL SLIDER horizontal-slider allows Stored XSS.This issue affects HORIZONTAL SLIDER: from n/a through <= 2.4.
CVE-2025-58675	2 Tryinteract, Wordpress	2 Interact, Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in tryinteract Interact: Embed A Quiz On Your Site interact-quiz-embed allows Cross Site Request Forgery.This issue affects Interact: Embed A Quiz On Your Site: from n/a through <= 3.1.
CVE-2025-58674	2 Automattic, Wordpress	2 Wordpress, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPress WordPress wordpress allows Stored XSS.This issue affects WordPress: from n/a through <= 6.8.2.
CVE-2026-5450	2 Gnu, The Gnu C Library	2 Glibc, Glibc	2026-04-23	9.8 Critical
Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow.
CVE-2025-58673	1 Wordpress	1 Wordpress	2026-04-23	5.4 Medium
Improper Control of Generation of Code ('Code Injection') vulnerability in weDevs WP User Frontend wp-user-frontend allows Code Injection.This issue affects WP User Frontend: from n/a through <= 4.1.12.
CVE-2025-58672	1 Wordpress	1 Wordpress	2026-04-23	5.4 Medium
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through <= 4.1.12.
CVE-2025-58671	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in morganrichards Auction Feed auction-feed allows Stored XSS.This issue affects Auction Feed: from n/a through <= 1.1.4.
CVE-2025-58670	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Shankaranand Maurya WP Content Protection wp-content-protection allows Stored XSS.This issue affects WP Content Protection: from n/a through <= 1.3.
CVE-2025-58669	3 Magento, Modern Minds, Wordpress	3 Magento, Magento 2 Wordpress Integration, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modern Minds Magento 2 WordPress Integration m2wp allows Stored XSS.This issue affects Magento 2 WordPress Integration: from n/a through <= 1.4.2.1.
CVE-2025-58668	2 Vibethemes, Wordpress	2 Wordpress Learning Management System, Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in VibeThemes WPLMS wplms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLMS : from n/a through <= 4.970.
CVE-2025-58667	1 Wordpress	1 Wordpress	2026-04-23	5.4 Medium
Missing Authorization vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro Reviews: from n/a through < 2.9.11.
CVE-2025-58666	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in Kommo Website Chat Button: Kommo integration website-chat-button-kommo-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Website Chat Button: Kommo integration: from n/a through <= 1.3.1.
CVE-2025-58665	2 Tmontg1, Wordpress	2 Form Generator, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tmontg1 Form Generator for WordPress form-generator-powered-by-jotform allows Stored XSS.This issue affects Form Generator for WordPress: from n/a through <= 1.52.
CVE-2025-58664	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in Azizul Hasan Text To Speech TTS Accessibility text-to-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Text To Speech TTS Accessibility: from n/a through <= 1.9.30.

« first previous Page 102 of 17316. next last »