Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9944 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-46492 1 Wordpress 1 Wordpress 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog call-now-coccoc-pht-blog allows Stored XSS.This issue affects Call Now PHT Blog: from n/a through <= 2.4.1.
CVE-2025-11959 1 Premierturk 1 Excavation Management Information System 2026-04-15 8.1 High
Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Premierturk Information Technologies Inc. Excavation Management Information System allows Footprinting, Functionality Misuse.This issue affects Excavation Management Information System: before v.10.2025.01.
CVE-2024-13953 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 4.9 Medium
Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CVE-2025-22814 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Admin Theme zephyr-modern-admin-theme allows Cross Site Request Forgery.This issue affects Zephyr Admin Theme: from n/a through <= 1.4.1.
CVE-2025-31845 1 Wordpress 1 Wordpress 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Rohit Choudhary Theme Duplicator theme-duplicator allows Cross Site Request Forgery.This issue affects Theme Duplicator: from n/a through <= 1.1.
CVE-2025-49239 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerce woocommerce-delivery-notes allows Cross Site Request Forgery.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through <= 5.5.0.
CVE-2024-30521 1 Wordpress 1 Wordpress 2026-04-15 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Landingi Landingi Landing Pages.This issue affects Landingi Landing Pages: from n/a through 3.1.1.
CVE-2025-48238 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in awcode AWcode Toolkit awcode-toolkit allows Stored XSS.This issue affects AWcode Toolkit: from n/a through <= 1.0.18.
CVE-2024-30460 2026-04-15 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Tumult Inc Tumult Hype Animations.This issue affects Tumult Hype Animations: from n/a through 1.9.11.
CVE-2025-52767 2 Lisensee, Wordpress 2 Netinsight Analytics Implementation Plugin, Wordpress 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin netinsight-analytics-implementation-plugin allows Cross Site Request Forgery.This issue affects NetInsight Analytics Implementation Plugin: from n/a through <= 1.0.3.
CVE-2024-55500 2026-04-15 8.8 High
Cross-Site Request Forgery (CSRF) in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine.
CVE-2025-49399 1 Wordpress 1 Wordpress 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Cross Site Request Forgery.This issue affects NEX-Forms: from n/a through <= 9.1.3.
CVE-2025-46450 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in x000x occupancyplan occupancyplan allows Stored XSS.This issue affects occupancyplan: from n/a through <= 1.0.3.0.
CVE-2025-54030 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in WesternDeal WooCommerce Google Sheet Connector wc-gsheetconnector allows Cross Site Request Forgery.This issue affects WooCommerce Google Sheet Connector: from n/a through <= 1.3.20.
CVE-2025-30948 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Giraphix Creative Layouts for Elementor layouts-for-elementor allows Cross Site Request Forgery.This issue affects Layouts for Elementor: from n/a through <= 1.11.
CVE-2025-49391 2 Fetchdesigns, Wordpress 2 Sign-up Sheets, Wordpress 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets sign-up-sheets allows Cross Site Request Forgery.This issue affects Sign-up Sheets: from n/a through <= 2.3.3.
CVE-2025-62880 2 Kunalnagar, Wordpress 2 Custom 404 Pro, Wordpress 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through <= 3.12.0.
CVE-2025-66600 1 Yokogawa 1 Fast/tools 2026-04-15 N/A
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product lacks HSTS (HTTP Strict Transport Security) configuration. When an attacker performs a Man in the middle (MITM) attack, communications with the web server could be sniffed. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
CVE-2024-49304 2 Pinpoint.world, Wordpress 2 Pinpoint Booking System, Wordpress 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Stored XSS.This issue affects Pinpoint Booking System: from n/a through <= 2.9.9.5.7.
CVE-2025-23426 2026-04-15 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Binesh Dobhal go Social go-social allows Stored XSS.This issue affects go Social: from n/a through <= 1.0.