Export limit exceeded: 346387 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (78882 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31585 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in leadfox Leadfox for WordPress leadfox allows Cross Site Request Forgery.This issue affects Leadfox for WordPress: from n/a through <= 2.1.9. | ||||
| CVE-2025-31583 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Copy Media URL wp-copy-media-url allows Stored XSS.This issue affects WP Copy Media URL: from n/a through <= 2.1. | ||||
| CVE-2025-31582 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani Contact Form vCard Generator contact-form-vcard-generator allows Stored XSS.This issue affects Contact Form vCard Generator: from n/a through <= 2.4. | ||||
| CVE-2025-31580 | 2026-04-23 | 7.5 High | ||
| Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Product Enquiry ni-woocommerce-product-enquiry allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Ni WooCommerce Product Enquiry: from n/a through <= 4.1.8. | ||||
| CVE-2025-31578 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wisdomlogix Solutions Pvt. Ltd. Fonts Manager | Custom Fonts fonts-manager-custom-fonts allows Reflected XSS.This issue affects Fonts Manager | Custom Fonts: from n/a through <= 1.2. | ||||
| CVE-2025-31573 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pepro Dev. Group PeproDev CF7 Database pepro-cf7-database allows Stored XSS.This issue affects PeproDev CF7 Database: from n/a through <= 2.0.0. | ||||
| CVE-2025-31571 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cynob IT Consultancy The Logo Slider the-logo-slider allows Reflected XSS.This issue affects The Logo Slider: from n/a through <= 1.0.0. | ||||
| CVE-2025-31570 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wp-buy Related Posts Widget with Thumbnails advanced-css3-related-posts-widget allows Stored XSS.This issue affects Related Posts Widget with Thumbnails: from n/a through <= 1.2. | ||||
| CVE-2025-31569 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wp-buy wordpress related Posts with thumbnails related-posts-list-grid-and-slider-all-in-one allows Stored XSS.This issue affects wordpress related Posts with thumbnails: from n/a through <= 3.0.0.1. | ||||
| CVE-2025-31568 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wiredmindshelp LeadLab by wiredminds wiredminds-leadlab allows Reflected XSS.This issue affects LeadLab by wiredminds: from n/a through <= 1.3. | ||||
| CVE-2025-31566 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in riosisgroup Rio Video Gallery rio-video-gallery allows Stored XSS.This issue affects Rio Video Gallery: from n/a through <= 2.3.6. | ||||
| CVE-2025-31564 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in aitool Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One ai-auto-tool allows Blind SQL Injection.This issue affects Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One: from n/a through <= 2.2.6. | ||||
| CVE-2025-31563 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vimal Kava AI Search Bar open-ai-search-bar allows Stored XSS.This issue affects AI Search Bar: from n/a through <= 2.1. | ||||
| CVE-2025-31561 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CodeSolz Ultimate Push Notifications ultimate-push-notifications allows SQL Injection.This issue affects Ultimate Push Notifications: from n/a through <= 1.2.0. | ||||
| CVE-2025-31560 | 1 Salonbookingsystem | 1 Salon Booking System | 2026-04-23 | 7.2 High |
| Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Privilege Escalation.This issue affects Salon booking system: from n/a through < 10.15. | ||||
| CVE-2025-31548 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeSolz Ultimate Push Notifications ultimate-push-notifications allows Reflected XSS.This issue affects Ultimate Push Notifications: from n/a through <= 1.2.0. | ||||
| CVE-2025-31547 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aphotrax Uptime Robot Plugin for WordPress uptime-robot-monitor allows SQL Injection.This issue affects Uptime Robot Plugin for WordPress: from n/a through <= 2.3. | ||||
| CVE-2025-31542 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Blind SQL Injection.This issue affects My auctions allegro: from n/a through <= 3.6.20. | ||||
| CVE-2025-31537 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in madfishdigital Bulk NoIndex & NoFollow Toolkit bulk-noindex-nofollow-toolkit-by-mad-fish allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through <= 2.16. | ||||
| CVE-2025-31536 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moshensky CF7 Spreadsheets cf7-spreadsheets allows Reflected XSS.This issue affects CF7 Spreadsheets: from n/a through <= 2.3.2. | ||||