Export limit exceeded: 341846 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341846 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47504 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Custom Checkout Fields for WooCommerce custom-checkout-fields-for-woocommerce allows Stored XSS.This issue affects Custom Checkout Fields for WooCommerce: from n/a through <= 1.8.3. | ||||
| CVE-2025-47503 | 1 Wpo-hr | 1 Ngg Smart Image Search | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpo-HR NGG Smart Image Search ngg-smart-image-search allows Stored XSS.This issue affects NGG Smart Image Search: from n/a through <= 3.3.3. | ||||
| CVE-2025-47502 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick van Wobbie Mollie Forms mollie-forms allows Stored XSS.This issue affects Mollie Forms: from n/a through <= 2.7.12. | ||||
| CVE-2025-47501 | 1 Code-atlantic | 1 Content Control | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Iser Content Control content-control allows DOM-Based XSS.This issue affects Content Control: from n/a through <= 2.6.1. | ||||
| CVE-2025-47499 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Simple Blog Stats simple-blog-stats allows Stored XSS.This issue affects Simple Blog Stats: from n/a through <= 20250416. | ||||
| CVE-2025-47498 | 1 Nicdark | 1 Hotel Booking | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nicdark Hotel Booking nd-booking allows PHP Local File Inclusion.This issue affects Hotel Booking: from n/a through <= 3.6. | ||||
| CVE-2025-47497 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Logo Showcase logo-showcase allows DOM-Based XSS.This issue affects Logo Showcase: from n/a through <= 3.0.4. | ||||
| CVE-2025-47496 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PublishPress PublishPress Authors publishpress-authors allows PHP Local File Inclusion.This issue affects PublishPress Authors: from n/a through <= 4.7.5. | ||||
| CVE-2025-47495 | 1 Blockspare | 1 Blockspare | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blockspare Blockspare blockspare allows Stored XSS.This issue affects Blockspare: from n/a through <= 3.2.9. | ||||
| CVE-2025-47494 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashan Perera EventON eventon-lite allows PHP Local File Inclusion.This issue affects EventON: from n/a through <= 2.4.1. | ||||
| CVE-2025-47493 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ultimate Blocks Ultimate Blocks ultimate-blocks allows DOM-Based XSS.This issue affects Ultimate Blocks: from n/a through <= 3.2.9. | ||||
| CVE-2025-47492 | 2026-04-01 | N/A | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in add-ons.org Drag and Drop File Upload for Elementor Forms drag-and-drop-file-upload-for-elementor-forms allows Path Traversal.This issue affects Drag and Drop File Upload for Elementor Forms: from n/a through <= 1.4.3. | ||||
| CVE-2025-47491 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact Form Widget new-contact-form-widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through <= 1.4.6. | ||||
| CVE-2025-47490 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows SQL Injection.This issue affects Ultimate WP Mail: from n/a through <= 1.3.4. | ||||
| CVE-2025-47489 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in markkinchin Beds24 Online Booking beds24-online-booking allows Stored XSS.This issue affects Beds24 Online Booking: from n/a through <= 2.0.29. | ||||
| CVE-2025-47488 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder bold-page-builder allows DOM-Based XSS.This issue affects Bold Page Builder: from n/a through <= 5.3.2. | ||||
| CVE-2025-47487 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert allows Reflected XSS.This issue affects MC Woocommerce Wishlist: from n/a through <= 1.9.1. | ||||
| CVE-2025-47486 | 1 Cyberchimps | 1 Gutenberg & Elementor Templates Importer For Responsive | 2026-04-01 | N/A |
| Missing Authorization vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Plus: from n/a through <= 3.1.9. | ||||
| CVE-2025-47485 | 1 Cozythemes | 1 Cozy Blocks | 2026-04-01 | N/A |
| Missing Authorization vulnerability in CozyThemes Cozy Blocks cozy-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cozy Blocks: from n/a through <= 2.1.22. | ||||
| CVE-2025-47484 | 2026-04-01 | N/A | ||
| Server-Side Request Forgery (SSRF) vulnerability in Oliver Campion Display Remote Posts Block display-remote-posts-block allows Server Side Request Forgery.This issue affects Display Remote Posts Block: from n/a through <= 1.1.0. | ||||