Export limit exceeded: 346927 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 79180 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79180 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30906 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lisandragetnet Plugin Oficial – Getnet para WooCommerce wc-checkout-getnet allows Reflected XSS.This issue affects Plugin Oficial – Getnet para WooCommerce: from n/a through <= 1.7.3. | ||||
| CVE-2025-30905 | 2 Ays-pro, Wordpress | 2 Secure Copy Content Protection And Content Locking, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 4.4.3. | ||||
| CVE-2025-30902 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ATL Software SRL AEC Kiosque aec-kiosque allows Reflected XSS.This issue affects AEC Kiosque: from n/a through <= 1.9.3. | ||||
| CVE-2025-30901 | 2 Joomsky, Wordpress | 2 Js Help Desk, Wordpress | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk js-support-ticket allows PHP Local File Inclusion.This issue affects JS Help Desk: from n/a through <= 2.9.2. | ||||
| CVE-2025-30895 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in magepeopleteam WpEvently mage-eventpress allows PHP Local File Inclusion.This issue affects WpEvently: from n/a through <= 4.2.9. | ||||
| CVE-2025-30892 | 2026-04-23 | 8.8 High | ||
| Deserialization of Untrusted Data vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Object Injection.This issue affects WpTravelly: from n/a through <= 1.8.7. | ||||
| CVE-2025-30891 | 2026-04-23 | 8.8 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam WpTravelly tour-booking-manager allows PHP Local File Inclusion.This issue affects WpTravelly: from n/a through <= 1.8.7. | ||||
| CVE-2025-30890 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SuitePlugins Login Widget for Ultimate Member login-widget-for-ultimate-member allows PHP Local File Inclusion.This issue affects Login Widget for Ultimate Member: from n/a through <= 1.1.2. | ||||
| CVE-2025-30889 | 2026-04-23 | 8.8 High | ||
| Deserialization of Untrusted Data vulnerability in PickPlugins Testimonial Slider testimonial allows Object Injection.This issue affects Testimonial Slider: from n/a through <= 2.0.13. | ||||
| CVE-2025-30882 | 2 Joomsky, Wordpress | 2 Js Help Desk, Wordpress | 2026-04-23 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.1. | ||||
| CVE-2025-30880 | 2 Joomsky, Wordpress | 2 Js Help Desk, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 2.9.2. | ||||
| CVE-2025-30879 | 2026-04-23 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert allows SQL Injection.This issue affects MC Woocommerce Wishlist: from n/a through <= 1.8.9. | ||||
| CVE-2025-30878 | 1 Joomsky | 1 Js Help Desk | 2026-04-23 | 8.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.2. | ||||
| CVE-2025-30871 | 1 Wptravelengine | 1 Wp Travel Engine | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine wp-travel-engine allows PHP Local File Inclusion.This issue affects WP Travel Engine: from n/a through <= 6.3.5. | ||||
| CVE-2025-30870 | 1 Wptravelengine | 1 Wp Travel Engine | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine wp-travel-engine allows PHP Local File Inclusion.This issue affects WP Travel Engine: from n/a through <= 6.3.5. | ||||
| CVE-2025-30869 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Parakoos Image Wall image-wall allows Reflected XSS.This issue affects Image Wall: from n/a through <= 3.0. | ||||
| CVE-2025-30868 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Maidul Team Manager wp-team-manager allows PHP Local File Inclusion.This issue affects Team Manager: from n/a through <= 2.1.23. | ||||
| CVE-2025-30858 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Snow Storm snow-storm allows Reflected XSS.This issue affects Snow Storm: from n/a through <= 1.4.6. | ||||
| CVE-2025-30857 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in PressMaximum Currency Switcher for WooCommerce currency-switcher-for-woocommerce allows Stored XSS.This issue affects Currency Switcher for WooCommerce: from n/a through <= 0.0.7. | ||||
| CVE-2025-30855 | 2026-04-23 | 7.5 High | ||
| Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ads by WPQuads: from n/a through <= 2.0.87.1. | ||||