Export limit exceeded: 45574 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45574 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22324 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andon Ivanov OZ Canonical oz-canonical allows Reflected XSS.This issue affects OZ Canonical: from n/a through <= 0.5. | ||||
| CVE-2025-22323 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Liton Arefin Image Hover Effects for Elementor image-hover-effects-elementor-addon allows Stored XSS.This issue affects Image Hover Effects for Elementor: from n/a through <= 1.0.2.4. | ||||
| CVE-2025-22322 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DeluxeThemes Private Messages for UserPro userpro-messaging allows Reflected XSS.This issue affects Private Messages for UserPro: from n/a through <= 4.10.0. | ||||
| CVE-2025-22321 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TheInnovs ElementsCSS Addons for Elementor css-for-elementor allows Stored XSS.This issue affects ElementsCSS Addons for Elementor: from n/a through <= 1.0.8.9. | ||||
| CVE-2025-22320 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ProductDyno ProductDyno productdyno allows Reflected XSS.This issue affects ProductDyno: from n/a through <= 1.0.24. | ||||
| CVE-2025-22317 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gallery Ape Photo Gallery – Image Gallery by Ape gallery-images-ape allows Reflected XSS.This issue affects Photo Gallery – Image Gallery by Ape: from n/a through <= 2.2.8. | ||||
| CVE-2025-22316 | 2 Wordpress, Wpbits | 2 Wordpress, Wpbits Addons For Elementor Page Builder | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through <= 1.5.1. | ||||
| CVE-2025-22315 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Typing Text | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Typing Text typing-text allows Stored XSS.This issue affects Typing Text: from n/a through <= 1.2.7. | ||||
| CVE-2025-22314 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Scripts Food Store – Online Food Delivery & Pickup food-store allows Reflected XSS.This issue affects Food Store – Online Food Delivery & Pickup: from n/a through <= 1.5.4. | ||||
| CVE-2025-22313 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Widgetize Pages Light widgetize-pages-light allows Reflected XSS.This issue affects Widgetize Pages Light: from n/a through <= 3.0. | ||||
| CVE-2025-22312 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows DOM-Based XSS.This issue affects Thim Elementor Kit: from n/a through <= 1.2.9. | ||||
| CVE-2025-22310 | 2 Templatesnext, Wordpress | 2 Templatesnext Toolkit, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in marsian TemplatesNext ToolKit templatesnext-toolkit allows Stored XSS.This issue affects TemplatesNext ToolKit: from n/a through <= 3.2.9. | ||||
| CVE-2025-22309 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RopeSwingHld SpeakOut! Email Petitions speakout allows DOM-Based XSS.This issue affects SpeakOut! Email Petitions: from n/a through <= 4.4.2. | ||||
| CVE-2025-22308 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Kitajima Smart Custom Fields smart-custom-fields allows Stored XSS.This issue affects Smart Custom Fields: from n/a through <= 5.0.0. | ||||
| CVE-2025-22307 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiful Islam Product Table for WooCommerce woo-product-table allows Reflected XSS.This issue affects Product Table for WooCommerce: from n/a through <= 4.0.3. | ||||
| CVE-2025-22296 | 1 Hashthemes | 1 Hash Elements | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Hash Elements hash-elements.This issue affects Hash Elements: from n/a through <= 1.5.0. | ||||
| CVE-2025-22294 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in theme funda Custom Field For WP Job Manager custom-field-for-wp-job-manager allows Reflected XSS.This issue affects Custom Field For WP Job Manager: from n/a through <= 1.3. | ||||
| CVE-2025-22293 | 2 Gutentor, Wordpress | 2 Gutentor, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gutentor Gutentor gutentor allows DOM-Based XSS.This issue affects Gutentor: from n/a through <= 3.4.3. | ||||
| CVE-2025-22292 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Felipe Peixoto Powerful Auto Chat powers-triggers-of-woo-to-chat allows Stored XSS.This issue affects Powerful Auto Chat: from n/a through <= 1.9.8. | ||||
| CVE-2025-22286 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes – Worldwide Express Edition ltl-freight-quotes-worldwide-express-edition allows Reflected XSS.This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through <= 5.0.21. | ||||