Export limit exceeded: 341807 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341807 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24668 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Stored XSS.This issue affects PPOM for WooCommerce: from n/a through <= 33.0.8. | ||||
| CVE-2025-24667 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition small-package-quotes-wwe-edition allows SQL Injection.This issue affects Small Package Quotes – Worldwide Express Edition: from n/a through <= 5.2.17. | ||||
| CVE-2025-24666 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle AI Chatbot for WordPress – Hyve Lite hyve-lite allows Stored XSS.This issue affects AI Chatbot for WordPress – Hyve Lite: from n/a through <= 1.2.2. | ||||
| CVE-2025-24665 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology Small Package Quotes – Unishippers Edition small-package-quotes-unishippers-edition allows SQL Injection.This issue affects Small Package Quotes – Unishippers Edition: from n/a through <= 2.4.8. | ||||
| CVE-2025-24664 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology LTL Freight Quotes – Worldwide Express Edition ltl-freight-quotes-worldwide-express-edition allows SQL Injection.This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through <= 5.0.20. | ||||
| CVE-2025-24663 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mra13 Simple Download Monitor simple-download-monitor allows Blind SQL Injection.This issue affects Simple Download Monitor: from n/a through <= 3.9.25. | ||||
| CVE-2025-24661 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce ecab-taxi-booking-manager allows Object Injection.This issue affects Taxi Booking Manager for WooCommerce: from n/a through <= 1.1.8. | ||||
| CVE-2025-24660 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp.insider Simple Membership Custom Messages simple-membership-custom-messages allows Reflected XSS.This issue affects Simple Membership Custom Messages: from n/a through <= 2.4. | ||||
| CVE-2025-24659 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages allows Blind SQL Injection.This issue affects WPDM – Premium Packages: from n/a through <= 5.9.6. | ||||
| CVE-2025-24658 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Auction Nudge – Your eBay on Your Site auction-nudge allows Stored XSS.This issue affects Auction Nudge – Your eBay on Your Site: from n/a through <= 7.2.0. | ||||
| CVE-2025-24657 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee Wishlist for WooCommerce wt-woocommerce-wishlist allows Stored XSS.This issue affects Wishlist for WooCommerce: from n/a through <= 2.1.2. | ||||
| CVE-2025-24656 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Realtyna Realtyna Provisioning realtyna-provisioning allows Reflected XSS.This issue affects Realtyna Provisioning: from n/a through <= 1.2.2. | ||||
| CVE-2025-24655 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist wishlist allows Reflected XSS.This issue affects Wishlist: from n/a through <= 1.0.39. | ||||
| CVE-2025-24654 | 1 Squirrly | 1 Seo Plugin By Squirrly Seo | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO squirrly-seo.This issue affects SEO Plugin by Squirrly SEO: from n/a through <= 12.4.07. | ||||
| CVE-2025-24652 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in revmakx WP Duplicate local-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Duplicate: from n/a through <= 1.1.6. | ||||
| CVE-2025-24651 | 2026-04-01 | N/A | ||
| Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Retrieve Embedded Sensitive Data.This issue affects WordPress Backup & Migration: from n/a through <= 1.5.3. | ||||
| CVE-2025-24650 | 1 Themefic | 1 Tourfic | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic allows Upload a Web Shell to a Web Server.This issue affects Tourfic: from n/a through <= 2.15.3. | ||||
| CVE-2025-24649 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements (ASE): from n/a through <= 7.6.2. | ||||
| CVE-2025-24648 | 2026-04-01 | N/A | ||
| Incorrect Privilege Assignment vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site-enhancements allows Privilege Escalation.This issue affects Admin and Site Enhancements (ASE): from n/a through <= 7.6.2.1. | ||||
| CVE-2025-24647 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in datafeedr WooCommerce Cloak Affiliate Links woocommerce-cloak-affiliate-links allows Cross Site Request Forgery.This issue affects WooCommerce Cloak Affiliate Links: from n/a through <= 1.0.35. | ||||