Export limit exceeded: 341935 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341935 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-26926 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through <= 4.0.9. | ||||
| CVE-2025-26924 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Generation of Code ('Code Injection') vulnerability in colabrio Ohio Extra ohio-extra allows Code Injection.This issue affects Ohio Extra: from n/a through <= 3.4.7. | ||||
| CVE-2025-26923 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post allows Stored XSS.This issue affects Event post: from n/a through <= 5.9.8. | ||||
| CVE-2025-26922 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in techthemes AuraMart auramart allows Stored XSS.This issue affects AuraMart: from n/a through <= 2.0.7. | ||||
| CVE-2025-26921 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Object Injection.This issue affects Booking and Rental Manager: from n/a through <= 2.2.6. | ||||
| CVE-2025-26920 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in pressmaximum Customify customify-theme allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Customify: from n/a through <= 0.4.8. | ||||
| CVE-2025-26919 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tainacan Tainá taina allows Stored XSS.This issue affects Tainá: from n/a through < 0.2.5. | ||||
| CVE-2025-26918 | 1 Eniture | 1 Small Package Quotes | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology Small Package Quotes – Unishippers Edition small-package-quotes-unishippers-edition allows Reflected XSS.This issue affects Small Package Quotes – Unishippers Edition: from n/a through <= 2.4.9. | ||||
| CVE-2025-26917 | 1 Hasthemes | 1 Wp Templata | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WP Templata wptemplata allows Reflected XSS.This issue affects WP Templata: from n/a through <= 1.0.7. | ||||
| CVE-2025-26916 | 2 Epc, Wordpress | 2 Massive Dynamic Plugin, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Pixflow Massive Dynamic massive-dynamic.This issue affects Massive Dynamic: from n/a through <= 8.2. | ||||
| CVE-2025-26915 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PickPlugins Wishlist wishlist allows SQL Injection.This issue affects Wishlist: from n/a through <= 1.0.41. | ||||
| CVE-2025-26914 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Variable Inspector variable-inspector allows Reflected XSS.This issue affects Variable Inspector: from n/a through <= 2.6.2. | ||||
| CVE-2025-26913 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webandprint AR For WordPress ar-for-wordpress allows DOM-Based XSS.This issue affects AR For WordPress: from n/a through <= 7.7. | ||||
| CVE-2025-26912 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Stored XSS.This issue affects Easy Elementor Addons: from n/a through <= 2.1.6. | ||||
| CVE-2025-26911 | 2 Bowo, Wordpress | 2 System Dashboard, Wordpress | 2026-04-01 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Bowo System Dashboard system-dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects System Dashboard: from n/a through <= 2.8.18. | ||||
| CVE-2025-26910 | 1 Iqonic | 1 Wpbookit | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design WPBookit wpbookit allows Stored XSS.This issue affects WPBookit: from n/a through <= 1.0.1. | ||||
| CVE-2025-26909 | 1 Wpplugins | 1 Hide My Wp Ghost | 2026-04-01 | 9.8 Critical |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows PHP Local File Inclusion.This issue affects Hide My WP Ghost: from n/a through <= 5.4.01. | ||||
| CVE-2025-26908 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gurmehub Kargo Entegratör kargo-entegrator allows SQL Injection.This issue affects Kargo Entegratör: from n/a through <= 1.1.14. | ||||
| CVE-2025-26907 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Estatik Mortgage Calculator Estatik estatik-mortgage-calculator allows Stored XSS.This issue affects Mortgage Calculator Estatik: from n/a through <= 2.0.12. | ||||
| CVE-2025-26906 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ren Ventura WP Delete User Accounts wp-delete-user-accounts allows DOM-Based XSS.This issue affects WP Delete User Accounts: from n/a through <= 1.2.3. | ||||