Export limit exceeded: 347794 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 79546 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79546 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25075 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Show notice or message on admin area show-notice-or-message-on-admin-area allows Stored XSS.This issue affects Show notice or message on admin area: from n/a through <= 2.0. | ||||
| CVE-2025-25074 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Nirmal Kumar Ram WP Social Stream wp-social-stream allows Stored XSS.This issue affects WP Social Stream: from n/a through <= 1.1. | ||||
| CVE-2025-25072 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in thunderbax WP Admin Custom Page wp-admin-custom-page allows Stored XSS.This issue affects WP Admin Custom Page: from n/a through <= 1.5.0. | ||||
| CVE-2025-25071 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in topplugins Vignette Ads vignete-ads allows Stored XSS.This issue affects Vignette Ads: from n/a through <= 0.2. | ||||
| CVE-2025-25070 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ed atrero Album Reviewer albumreviewer allows Stored XSS.This issue affects Album Reviewer: from n/a through <= 2.0.2. | ||||
| CVE-2025-24780 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows SQL Injection.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through <= 2.4.0. | ||||
| CVE-2025-24779 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in NooTheme Yogi yogi allows Object Injection.This issue affects Yogi: from n/a through < 2.9.3. | ||||
| CVE-2025-24774 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla WPCRM - CRM for Contact form CF7 & WooCommerce wpcrm allows Reflected XSS.This issue affects WPCRM - CRM for Contact form CF7 & WooCommerce: from n/a through <= 3.2.0. | ||||
| CVE-2025-24771 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Content Manager Light content-manager-light allows Reflected XSS.This issue affects Content Manager Light: from n/a through <= 3.2. | ||||
| CVE-2025-24770 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue affects CraftXtore: from n/a through <= 1.7. | ||||
| CVE-2025-24769 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Zenny bw-zenny allows PHP Local File Inclusion.This issue affects Zenny: from n/a through <= 1.7.5. | ||||
| CVE-2025-24768 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Nitan snsnitan allows PHP Local File Inclusion.This issue affects Nitan: from n/a through <= 2.9. | ||||
| CVE-2025-24766 | 2 Wordpress, Wp-royal-themes | 2 Wordpress, News Magazine X | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wproyal News Magazine X news-magazine-x allows PHP Local File Inclusion.This issue affects News Magazine X: from n/a through <= 1.2.37. | ||||
| CVE-2025-24765 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.7 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RobMarsh Image Shadow image-shadow allows Path Traversal.This issue affects Image Shadow: from n/a through <= 1.1.0. | ||||
| CVE-2025-24761 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme DSK dsk allows PHP Local File Inclusion.This issue affects DSK: from n/a through < 2.4. | ||||
| CVE-2025-24760 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Sofass sofass allows PHP Local File Inclusion.This issue affects Sofass: from n/a through <= 1.3.4. | ||||
| CVE-2025-24758 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Map Locations cm-map-locations allows Reflected XSS.This issue affects CM Map Locations: from n/a through <= 2.0.8. | ||||
| CVE-2025-24756 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator roi-calculator allows Stored XSS.This issue affects Roi Calculator: from n/a through <= 1.0. | ||||
| CVE-2025-24752 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Essential Addons For Elementor | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Reflected XSS.This issue affects Essential Addons for Elementor: from n/a through <= 6.0.14. | ||||
| CVE-2025-24745 | 2 Radiustheme, Wordpress | 2 Classified Listing, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Classified Listing classified-listing allows Reflected XSS.This issue affects Classified Listing: from n/a through <= 4.0.1. | ||||