Export limit exceeded: 341809 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341809 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30977 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chaport Live Chat Chaport chaport allows Stored XSS.This issue affects Chaport: from n/a through <= 1.1.6. | ||||
| CVE-2025-30976 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in wpdive Nexa Blocks nexa-blocks allows Server Side Request Forgery.This issue affects Nexa Blocks: from n/a through <= 1.1.1. | ||||
| CVE-2025-30975 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Generation of Code ('Code Injection') vulnerability in SaifuMak Add Custom Codes add-custom-codes allows Code Injection.This issue affects Add Custom Codes: from n/a through <= 4.80. | ||||
| CVE-2025-30974 | 2 Addonmaster, Wordpress | 2 Post Grid Master, Wordpress | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Akhtarujjaman Shuvo Post Grid Master ajax-filter-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid Master: from n/a through <= 3.4.17. | ||||
| CVE-2025-30973 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS coschool allows Object Injection.This issue affects CoSchool LMS: from n/a through <= 1.4.3. | ||||
| CVE-2025-30972 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iamapinan Woocommerce Line Notify woo-line-notify allows Stored XSS.This issue affects Woocommerce Line Notify: from n/a through <= 1.1.7. | ||||
| CVE-2025-30971 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xavi Ivars XV Random Quotes xv-random-quotes allows SQL Injection.This issue affects XV Random Quotes: from n/a through <= 2.0.0. | ||||
| CVE-2025-30970 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scottwallick Easy Contact easy-contact allows Reflected XSS.This issue affects Easy Contact: from n/a through <= 0.1.2. | ||||
| CVE-2025-30969 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus iFrame Images Gallery wp-iframe-images-gallery allows SQL Injection.This issue affects iFrame Images Gallery: from n/a through <= 9.0. | ||||
| CVE-2025-30968 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in jokerbr313 Advanced Post List advanced-post-list allows Cross Site Request Forgery.This issue affects Advanced Post List: from n/a through <= 0.5.6.2. | ||||
| CVE-2025-30964 | 2026-04-01 | N/A | ||
| Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods Photography photography allows Server Side Request Forgery.This issue affects Photography: from n/a through < 7.7.6. | ||||
| CVE-2025-30963 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows DOM-Based XSS.This issue affects JetSmartFilters: from n/a through <= 3.6.3. | ||||
| CVE-2025-30962 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fs-code FS Poster fs-poster allows Reflected XSS.This issue affects FS Poster: from n/a through <= 6.5.8. | ||||
| CVE-2025-30961 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tinuzz Trackserver trackserver allows DOM-Based XSS.This issue affects Trackserver: from n/a through <= 5.1.0. | ||||
| CVE-2025-30960 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in fs-code FS Poster fs-poster.This issue affects FS Poster: from n/a through <= 6.5.8. | ||||
| CVE-2025-30959 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in WPFactory Product XML Feed Manager for WooCommerce product-xml-feeds-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product XML Feed Manager for WooCommerce: from n/a through <= 2.9.2. | ||||
| CVE-2025-30958 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in onOffice GmbH onOffice for WP-Websites onoffice-for-wp-websites allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onOffice for WP-Websites: from n/a through <= 6.5.1. | ||||
| CVE-2025-30957 | 1 Buddydev | 1 Activity Plus Reloaded For Buddypress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress bp-activity-plus-reloaded allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Activity Plus Reloaded for BuddyPress: from n/a through <= 1.1.2. | ||||
| CVE-2025-30956 | 1 Booqable | 1 Rental Software Booqable Rental | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Booqable Rental Software Booqable Rental booqable-rental-reservations allows Cross Site Request Forgery.This issue affects Booqable Rental: from n/a through <= 2.4.25. | ||||
| CVE-2025-30955 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3themes ListingEasy listingeasy allows Reflected XSS.This issue affects ListingEasy: from n/a through <= 1.9.2. | ||||