Export limit exceeded: 341809 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341809 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47644 | 2026-04-01 | N/A | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form integrations-of-zoho-crm-with-elementor-form allows Phishing.This issue affects Integrations of Zoho CRM with Elementor form: from n/a through <= 1.0.8. | ||||
| CVE-2025-47642 | 1 Ajar Productions | 1 Ajar In5 Embed | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed ajar-productions-in5-embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through <= 3.1.5. | ||||
| CVE-2025-47641 | 1 Woocommerce | 1 Woocommerce | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows Upload a Web Shell to a Web Server.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through <= 2.3.9. | ||||
| CVE-2025-47640 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows SQL Injection.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through <= 2.4.0. | ||||
| CVE-2025-47639 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Supertext Supertext Translation and Proofreading polylang-supertext allows Stored XSS.This issue affects Supertext Translation and Proofreading: from n/a through <= 4.26. | ||||
| CVE-2025-47638 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sarvesh M Rao WP Discord Invite wp-discord-invite allows Stored XSS.This issue affects WP Discord Invite: from n/a through <= 2.5.3. | ||||
| CVE-2025-47637 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in STAGGS STAGGS staggs allows Upload a Web Shell to a Web Server.This issue affects STAGGS: from n/a through <= 2.11.0. | ||||
| CVE-2025-47636 | 2026-04-01 | N/A | ||
| Path Traversal: '.../...//' vulnerability in Fernando Briano List category posts list-category-posts allows PHP Local File Inclusion.This issue affects List category posts: from n/a through <= 0.91.0. | ||||
| CVE-2025-47635 | 1 Webinarpress | 1 Webinarpress | 2026-04-01 | 9.8 Critical |
| Server-Side Request Forgery (SSRF) vulnerability in WPWebinarSystem WebinarPress wp-webinarsystem allows Server Side Request Forgery.This issue affects WebinarPress: from n/a through <= 1.33.28. | ||||
| CVE-2025-47634 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Keylor Mendoza WC Pickup Store wc-pickup-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WC Pickup Store: from n/a through <= 1.8.9. | ||||
| CVE-2025-47633 | 1 Awin | 1 Awin - Advertiser Tracking For Woocommerce | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Awin Awin – Advertiser Tracking for WooCommerce awin-advertiser-tracking allows Cross Site Request Forgery.This issue affects Awin – Advertiser Tracking for WooCommerce: from n/a through <= 2.0.0. | ||||
| CVE-2025-47632 | 1 Raihancse | 1 Awesome Gallery | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raihanul Islam Awesome Gallery awesome-gallery allows Stored XSS.This issue affects Awesome Gallery: from n/a through <= 1.0. | ||||
| CVE-2025-47630 | 1 Connekthq | 1 Ajax Load More | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darren Cooney Ajax Load More ajax-load-more allows Stored XSS.This issue affects Ajax Load More: from n/a through <= 7.3.1.2. | ||||
| CVE-2025-47629 | 1 Wp-crm | 1 Wp-crm System | 2026-04-01 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Object Injection.This issue affects WP-CRM System: from n/a through <= 3.4.5. | ||||
| CVE-2025-47628 | 1 Quomodosoft | 1 Qs Dark Mode | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in quomodosoft QS Dark Mode qs-dark-mode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QS Dark Mode: from n/a through <= 3.0. | ||||
| CVE-2025-47626 | 1 Apasionados | 1 Submission Dom Tracking For Contact Form 7 | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados Submission DOM tracking for Contact Form 7 cf7-submission-dom-tracking allows Stored XSS.This issue affects Submission DOM tracking for Contact Form 7: from n/a through <= 2.1. | ||||
| CVE-2025-47625 | 1 Apasionados | 1 Dofollow Case By Case | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados DoFollow Case by Case dofollow-case-by-case allows Stored XSS.This issue affects DoFollow Case by Case: from n/a through <= 3.5.1. | ||||
| CVE-2025-47624 | 1 Apasionados | 1 Dofollow Case By Case | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in apasionados DoFollow Case by Case dofollow-case-by-case allows Cross Site Request Forgery.This issue affects DoFollow Case by Case: from n/a through <= 3.5.1. | ||||
| CVE-2025-47623 | 1 Wpplugin | 1 Easy Paypal \& Stripe Buy Now Button | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Easy PayPal Buy Now Button wp-ecommerce-paypal allows Stored XSS.This issue affects Easy PayPal Buy Now Button: from n/a through <= 2.0. | ||||
| CVE-2025-47622 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados Email Notification on Login email-notification-on-login allows Stored XSS.This issue affects Email Notification on Login: from n/a through <= 1.7.0. | ||||