Export limit exceeded: 341810 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341810 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39551 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Object Injection.This issue affects FluentBoards: from n/a through <= 1.47. | ||||
| CVE-2025-39550 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in Shahjahan Jewel FluentCommunity fluent-community allows Object Injection.This issue affects FluentCommunity: from n/a through <= 1.2.15. | ||||
| CVE-2025-39549 | 1 Whiletrue | 1 Most And Least Read Posts Widget | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in whiletrue Most And Least Read Posts Widget most-and-least-read-posts-widget allows Stored XSS.This issue affects Most And Least Read Posts Widget: from n/a through <= 2.5.20. | ||||
| CVE-2025-39548 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Right Click Disable OR Ban right-click-disable-or-ban allows Stored XSS.This issue affects Right Click Disable OR Ban: from n/a through <= 1.1.17. | ||||
| CVE-2025-39547 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Internal Link Optimiser internal-link-finder allows Stored XSS.This issue affects Internal Link Optimiser: from n/a through <= 5.1.3. | ||||
| CVE-2025-39546 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in quomodosoft ElementsReady Addons for Elementor element-ready-lite allows Cross Site Request Forgery.This issue affects ElementsReady Addons for Elementor: from n/a through <= 6.6.2. | ||||
| CVE-2025-39545 | 1 Miniorange | 1 Wordpress Rest Api Authentication | 2026-04-01 | N/A |
| Missing Authorization vulnerability in miniOrange WordPress REST API Authentication wp-rest-api-authentication allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress REST API Authentication: from n/a through <= 3.6.3. | ||||
| CVE-2025-39544 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in sminozzi WP Tools wptools allows Path Traversal.This issue affects WP Tools: from n/a through <= 5.18. | ||||
| CVE-2025-39543 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through <= 1.3.977. | ||||
| CVE-2025-39542 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat xelion-webchat allows Privilege Escalation.This issue affects Xelion Webchat: from n/a through <= 9.1.0. | ||||
| CVE-2025-39541 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Roland Murg WP Simple Booking Calendar wp-simple-booking-calendar.This issue affects WP Simple Booking Calendar: from n/a through <= 2.0.13. | ||||
| CVE-2025-39540 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rhys Wynne WP Flipclock wp-flipclock allows DOM-Based XSS.This issue affects WP Flipclock: from n/a through <= 1.9.1. | ||||
| CVE-2025-39539 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brewlabs WP Email Delivery wp-email-delivery allows Reflected XSS.This issue affects WP Email Delivery: from n/a through <= 1.20.11.23. | ||||
| CVE-2025-39538 | 2026-04-01 | N/A | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through <= 3.3.9.4. | ||||
| CVE-2025-39537 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blaze Concepts Better Customer List for WooCommerce woo-better-customer-list allows Reflected XSS.This issue affects Better Customer List for WooCommerce: from n/a through <= 1.2.3. | ||||
| CVE-2025-39535 | 2026-04-01 | N/A | ||
| Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos vitepos-lite allows Authentication Abuse.This issue affects Vitepos: from n/a through <= 3.1.7. | ||||
| CVE-2025-39533 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Starfish Reviews Starfish Review Generation & Marketing starfish-reviews allows Privilege Escalation.This issue affects Starfish Review Generation & Marketing: from n/a through <= 3.1.19. | ||||
| CVE-2025-39532 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in spicethemes Spice Blocks spice-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spice Blocks: from n/a through <= 2.0.7.7. | ||||
| CVE-2025-39531 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in slazzercom Slazzer Background Changer slazzer-background-changer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Slazzer Background Changer: from n/a through <= 3.14. | ||||
| CVE-2025-39530 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in dsky Site Search 360 site-search-360 allows Stored XSS.This issue affects Site Search 360: from n/a through <= 2.1.8. | ||||