Export limit exceeded: 45631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45631 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22801 | 2 Hasthemes, Wordpress | 2 Free Woocommerce Theme 99fy Extension, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Free WooCommerce Theme 99fy Extension 99fy-core allows Stored XSS.This issue affects Free WooCommerce Theme 99fy Extension: from n/a through <= 1.2.8. | ||||
| CVE-2025-22798 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CHR Designer Responsive jQuery Slider responsive-jquery-slider allows Stored XSS.This issue affects Responsive jQuery Slider: from n/a through <= 1.1.1. | ||||
| CVE-2025-22797 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oğulcan Özügenç Gallery and Lightbox gallery-and-lightbox allows Stored XSS.This issue affects Gallery and Lightbox: from n/a through <= 1.0.14. | ||||
| CVE-2025-22796 | 2 Platcom, Wordpress | 2 Wp-asambleas, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in platcom WP-Asambleas wp-asambleas allows Reflected XSS.This issue affects WP-Asambleas: from n/a through <= 2.85.0. | ||||
| CVE-2025-22795 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitaldonkey Multilang Contact Form multilang-contact-form allows Reflected XSS.This issue affects Multilang Contact Form: from n/a through <= 1.5. | ||||
| CVE-2025-22788 | 2026-04-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codexpert, Inc CoDesigner woolementor allows Stored XSS.This issue affects CoDesigner: from n/a through <= 4.29. | ||||
| CVE-2025-22781 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nativery Nativery nativery allows DOM-Based XSS.This issue affects Nativery: from n/a through <= 0.1.6. | ||||
| CVE-2025-22780 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrey wp-pano wp-pano allows Stored XSS.This issue affects wp-pano: from n/a through <= 1.17. | ||||
| CVE-2025-22778 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in damniel Lijit Search wp-lijit-wijit allows Reflected XSS.This issue affects Lijit Search: from n/a through <= 1.1. | ||||
| CVE-2025-22776 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codebycarter WP Bulletin Board wp-bulletin-board allows Reflected XSS.This issue affects WP Bulletin Board: from n/a through <= 1.1.4. | ||||
| CVE-2025-22775 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in idiatech Catalog Importer, Scraper & Crawler intelligent-importer allows Reflected XSS.This issue affects Catalog Importer, Scraper & Crawler: from n/a through <= 5.1.3. | ||||
| CVE-2025-22774 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRUDLab CRUDLab Scroll to Top crudlab-scroll-to-top allows Reflected XSS.This issue affects CRUDLab Scroll to Top: from n/a through <= 1.0.1. | ||||
| CVE-2025-22772 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in stephanemartinw Mapbox for WP Advanced mapbox-for-wp-advanced allows Reflected XSS.This issue affects Mapbox for WP Advanced: from n/a through <= 1.0.0. | ||||
| CVE-2025-22771 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Studio Hyperset The Great Firewords of China sensitive-chinese-words-scanner allows Stored XSS.This issue affects The Great Firewords of China: from n/a through <= 1.2. | ||||
| CVE-2025-22767 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Global Payments GlobalPayments WooCommerce global-payments-woocommerce allows Reflected XSS.This issue affects GlobalPayments WooCommerce: from n/a through <= 1.13.2. | ||||
| CVE-2025-22766 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Masoud Amini Zarinpal Paid Download zarinpal-paid-downloads allows Reflected XSS.This issue affects Zarinpal Paid Download: from n/a through <= 2.3. | ||||
| CVE-2025-22765 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weiluri WP Order By wp-order-by allows Reflected XSS.This issue affects WP Order By: from n/a through <= 1.4.2. | ||||
| CVE-2025-22764 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vipul Jariwala WP Post Corrector wp-post-corrector allows Reflected XSS.This issue affects WP Post Corrector: from n/a through <= 1.0.2. | ||||
| CVE-2025-22762 | 2026-04-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Octrace WordPress HelpDesk & Support Ticket System Plugin – Octrace Support octrace-support allows Stored XSS.This issue affects WordPress HelpDesk & Support Ticket System Plugin – Octrace Support: from n/a through <= 1.2.7. | ||||
| CVE-2025-22761 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Olaf Lederer Ajax Contact Form fws-ajax-contact-form allows Stored XSS.This issue affects Ajax Contact Form: from n/a through <= 1.4.1. | ||||