Export limit exceeded: 341102 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76982 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68859 | 1 Wordpress | 1 Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in agmorpheus Syntax Highlighter Compress syntax-highlighter-compress allows Reflected XSS.This issue affects Syntax Highlighter Compress: from n/a through <= 3.0.83.3. | ||||
| CVE-2025-68849 | 1 Wordpress | 1 Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Frank Corso Quote Master quote-master allows Reflected XSS.This issue affects Quote Master: from n/a through <= 7.1.1. | ||||
| CVE-2025-68012 | 1 Wordpress | 1 Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dmytro Shteflyuk CodeColorer codecolorer allows Stored XSS.This issue affects CodeColorer: from n/a through <= 0.10.1. | ||||
| CVE-2025-68011 | 3 Gls, Woocommerce, Wordpress | 3 Shipping For Woocommerce, Woocommerce, Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GLS GLS Shipping for WooCommerce gls-shipping-for-woocommerce allows Reflected XSS.This issue affects GLS Shipping for WooCommerce: from n/a through <= 1.4.0. | ||||
| CVE-2025-68010 | 2 Netgsm, Wordpress | 2 Netgsm, Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in netgsm Netgsm netgsm allows Reflected XSS.This issue affects Netgsm: from n/a through <= 2.9.63. | ||||
| CVE-2025-68008 | 2 Mndpsingh287, Wordpress | 2 Wp Mail, Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mndpsingh287 WP Mail wp-mail allows Reflected XSS.This issue affects WP Mail: from n/a through <= 1.3. | ||||
| CVE-2025-68027 | 2 Themefic, Wordpress | 2 Hydra Booking, Wordpress | 2026-01-28 | 7.3 High |
| Incorrect Privilege Assignment vulnerability in Themefic Hydra Booking hydra-booking allows Privilege Escalation.This issue affects Hydra Booking: from n/a through <= 1.1.32. | ||||
| CVE-2025-69099 | 1 Wordpress | 1 Wordpress | 2026-01-28 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in fuelthemes North north-wp allows Object Injection.This issue affects North: from n/a through <= 5.7.5. | ||||
| CVE-2025-69053 | 1 Wordpress | 1 Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through <= 3.8.4. | ||||
| CVE-2025-69051 | 1 Wordpress | 1 Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Reflected XSS.This issue affects ListingPro Reviews: from n/a through <= 1.7. | ||||
| CVE-2025-69048 | 1 Wordpress | 1 Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through <= 3.8.4. | ||||
| CVE-2025-68906 | 2 Jnews, Wordpress | 2 Jnews, Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jegtheme JNews - Video jnews-video allows Reflected XSS.This issue affects JNews - Video: from n/a through <= 11.0.2. | ||||
| CVE-2025-68904 | 2 Jnews, Wordpress | 2 Jnews, Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jegtheme JNews - Frontend Submit jnews-frontend-submit allows Reflected XSS.This issue affects JNews - Frontend Submit: from n/a through <= 11.0.0. | ||||
| CVE-2025-67923 | 2 Crocoblock, Wordpress | 2 Jetengine, Wordpress | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through <= 3.7.7. | ||||
| CVE-2025-63017 | 1 Wordpress | 1 Wordpress | 2026-01-28 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through <= 1.6.6. | ||||
| CVE-2025-58206 | 2 Thememove, Wordpress | 2 Maxcoach, Wordpress | 2026-01-28 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MaxCoach allows PHP Local File Inclusion. This issue affects MaxCoach: from n/a through 3.2.5. | ||||
| CVE-2024-47369 | 1 Wpwebinfotech | 1 Social Auto Poster | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPWeb Social Auto Poster allows Reflected XSS.This issue affects Social Auto Poster: from n/a through 5.3.15. | ||||
| CVE-2024-43131 | 1 Wpwebelite | 1 Docket | 2026-01-28 | 7.5 High |
| Incorrect Authorization vulnerability in WPWeb Docket (WooCommerce Collections / Wishlist / Watchlist) allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Docket (WooCommerce Collections / Wishlist / Watchlist): from n/a before 1.7.0. | ||||
| CVE-2024-39651 | 2 Wpweb, Wpwebelite | 2 Woocommerce Pdf Vouchers, Woocommerce Pdf Vouchers | 2026-01-28 | 8.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPWeb WooCommerce PDF Vouchers allows File Manipulation.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.5. | ||||
| CVE-2024-39652 | 1 Wpwebelite | 1 Woocommerce Pdf Vouchers | 2026-01-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPWeb Elite WooCommerce PDF Vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.5. | ||||