Export limit exceeded: 345222 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345222 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58866 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Rami Yushuvaev Site Info site-info-dashboard-widget allows Retrieve Embedded Sensitive Data.This issue affects Site Info: from n/a through <= 1.1. | ||||
| CVE-2025-58867 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Remi Corson Easy Download Media Counter easy-download-media-counter allows Stored XSS.This issue affects Easy Download Media Counter: from n/a through <= 1.2. | ||||
| CVE-2025-58869 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Simasicher SimaCookie simasicher-dsgvo-cookie allows Stored XSS.This issue affects SimaCookie: from n/a through <= 1.3.2. | ||||
| CVE-2025-58871 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS.This issue affects Master Paper Collapse Toggle: from n/a through <= 1.1. | ||||
| CVE-2025-58872 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in premiumbizthemes Simple Price Calculator simple-price-calculator-basic allows Retrieve Embedded Sensitive Data.This issue affects Simple Price Calculator: from n/a through <= 1.3. | ||||
| CVE-2025-58873 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pusheco Pushe Web Push Notification pushe-webpush allows Stored XSS.This issue affects Pushe Web Push Notification: from n/a through <= 0.5.0. | ||||
| CVE-2025-47494 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashan Perera EventON eventon-lite allows PHP Local File Inclusion.This issue affects EventON: from n/a through <= 2.4.1. | ||||
| CVE-2025-58874 | 2 Josepsitjar, Wordpress | 2 Storymap, Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in josepsitjar StoryMap wp-storymap allows DOM-Based XSS.This issue affects StoryMap: from n/a through <= 2.1. | ||||
| CVE-2025-47495 | 1 Blockspare | 1 Blockspare | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blockspare Blockspare blockspare allows Stored XSS.This issue affects Blockspare: from n/a through <= 3.2.9. | ||||
| CVE-2025-58875 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sudar Muthu WP Github Gist wp-github-gist allows Stored XSS.This issue affects WP Github Gist: from n/a through <= 0.5. | ||||
| CVE-2025-58876 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ali Aghdam Aparat Video Shortcode aparat-shortcode allows Stored XSS.This issue affects Aparat Video Shortcode: from n/a through <= 0.2.4. | ||||
| CVE-2025-53343 | 2 Goodlayers, Wordpress | 2 Modernize, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in GoodLayers Modernize modernize allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modernize: from n/a through <= 3.4.0. | ||||
| CVE-2025-47497 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Logo Showcase logo-showcase allows DOM-Based XSS.This issue affects Logo Showcase: from n/a through <= 3.0.4. | ||||
| CVE-2025-58877 | 2 Javothemes, Wordpress | 2 Javo Core, Wordpress | 2026-04-15 | 7.5 High |
| Missing Authorization vulnerability in javothemes Javo Core javo-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Javo Core: from n/a through <= 3.0.0.529. | ||||
| CVE-2025-66265 | 2 Megatec, Microsoft | 2 Upsilon2000, Windows | 2026-04-15 | N/A |
| CMService.exe creates the C:\\usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files (such as snmp.conf) or hijack DLLs to escalate privileges. | ||||
| CVE-2025-47500 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks allows Stored XSS.This issue affects Stackable: from n/a through <= 3.19.5. | ||||
| CVE-2025-47502 | 2026-04-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick van Wobbie Mollie Forms mollie-forms allows Stored XSS.This issue affects Mollie Forms: from n/a through <= 2.7.12. | ||||
| CVE-2023-23823 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8. | ||||
| CVE-2023-23868 | 2026-04-15 | 5.4 Medium | ||
| Missing Authorization vulnerability in WPFactory Cost of Goods for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost of Goods for WooCommerce: from n/a through 2.8.6. | ||||
| CVE-2023-23975 | 1 Fullworksplugins | 1 Quick Event Manager | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4. | ||||