Export limit exceeded: 341809 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341809 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32590 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tzin111 Web2application web2application allows Reflected XSS.This issue affects Web2application: from n/a through <= 6.1. | ||||
| CVE-2025-32589 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in odude Flexi – Guest Submit flexi allows PHP Local File Inclusion.This issue affects Flexi – Guest Submit: from n/a through <= 4.28. | ||||
| CVE-2025-32588 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Credova Financial Credova_Financial credova-financial allows Reflected XSS.This issue affects Credova_Financial: from n/a through <= 2.4.8. | ||||
| CVE-2025-32587 | 2026-04-01 | N/A | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in pickupp WooCommerce Pickupp wc-pickupp allows PHP Local File Inclusion.This issue affects WooCommerce Pickupp: from n/a through <= 2.4.3. | ||||
| CVE-2025-32586 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ABA Bank ABA PayWay Payment Gateway for WooCommerce aba-payway-woocommerce-payment-gateway allows Reflected XSS.This issue affects ABA PayWay Payment Gateway for WooCommerce: from n/a through <= 2.1.4. | ||||
| CVE-2025-32585 | 2026-04-01 | N/A | ||
| Path Traversal: '.../...//' vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.This issue affects Shop Products Filter: from n/a through <= 1.2. | ||||
| CVE-2025-32584 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Chat2 Chat2 chat2 allows Cross Site Request Forgery.This issue affects Chat2: from n/a through <= 4.0. | ||||
| CVE-2025-32583 | 2026-04-01 | N/A | ||
| Improper Control of Generation of Code ('Code Injection') vulnerability in termel PDF 2 Post pdf2post allows Remote Code Inclusion.This issue affects PDF 2 Post: from n/a through <= 2.4.0. | ||||
| CVE-2025-32582 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EXEIdeas International WP AutoKeyword wp-autokeyword allows Stored XSS.This issue affects WP AutoKeyword: from n/a through <= 1.0. | ||||
| CVE-2025-32581 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ankit Singla WordPress Spam Blocker cf7-manual-spam-blocker allows Stored XSS.This issue affects WordPress Spam Blocker: from n/a through <= 2.0.5. | ||||
| CVE-2025-32580 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in debounce DeBounce Email Validator debounce-io-email-validator allows Stored XSS.This issue affects DeBounce Email Validator: from n/a through <= 5.7.1. | ||||
| CVE-2025-32579 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts sync-posts allows Upload a Web Shell to a Web Server.This issue affects Sync Posts: from n/a through <= 1.0. | ||||
| CVE-2025-32578 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mapro Collins Coming Soon Countdown coming-soon-countdown allows Reflected XSS.This issue affects Coming Soon Countdown: from n/a through <= 2.2. | ||||
| CVE-2025-32577 | 2 Hakeemnala, Wordpress | 2 Build App Online, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in hakeemnala Build App Online build-app-online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through <= 1.0.23. | ||||
| CVE-2025-32576 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows Upload a Web Shell to a Web Server.This issue affects WP shop: from n/a through <= 2.6.1. | ||||
| CVE-2025-32575 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Reflected XSS.This issue affects WP w3all phpBB: from n/a through <= 2.9.9. | ||||
| CVE-2025-32572 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus kata-plus allows Object Injection.This issue affects Kata Plus: from n/a through <= 1.5.3. | ||||
| CVE-2025-32571 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in TuriTop TuriTop Booking System turitop-booking-system allows Object Injection.This issue affects TuriTop Booking System: from n/a through <= 1.0.10. | ||||
| CVE-2025-32570 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ChillPay ChillPay WooCommerce chillpay-payment-gateway allows Stored XSS.This issue affects ChillPay WooCommerce: from n/a through <= 2.5.3. | ||||
| CVE-2025-32569 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in RealMag777 TableOn posts-table-filterable allows Object Injection.This issue affects TableOn: from n/a through <= 1.0.4.3. | ||||