Export limit exceeded: 341885 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341885 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24757 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in AndonDesign uDesign udesign.This issue affects uDesign: from n/a through <= 4.11.2. | ||||
| CVE-2025-24756 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator roi-calculator allows Stored XSS.This issue affects Roi Calculator: from n/a through <= 1.0. | ||||
| CVE-2025-24755 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Stored XSS.This issue affects PDF Invoice Builder for WooCommerce: from n/a through <= 4.6.0. | ||||
| CVE-2025-24754 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in favethemes Houzez houzez.This issue affects Houzez: from n/a through <= 3.4.0. | ||||
| CVE-2025-24753 | 1 Kadencewp | 1 Gutenberg Blocks With Ai | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.3.1. | ||||
| CVE-2025-24752 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Essential Addons For Elementor | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Reflected XSS.This issue affects Essential Addons for Elementor: from n/a through <= 6.0.14. | ||||
| CVE-2025-24751 | 2 Godaddy, Wordpress | 2 Coblocks, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in GoDaddy CoBlocks coblocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoBlocks: from n/a through <= 3.1.13. | ||||
| CVE-2025-24750 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Syed Balkhi ExactMetrics google-analytics-dashboard-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ExactMetrics: from n/a through <= 8.1.0. | ||||
| CVE-2025-24748 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in ThemeFusion Avada avada.This issue affects Avada: from n/a through <= 7.11.10. | ||||
| CVE-2025-24747 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in favethemes Houzez houzez.This issue affects Houzez: from n/a through <= 3.4.0. | ||||
| CVE-2025-24746 | 1 Code-atlantic | 1 Popup Maker | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Iser Popup Maker popup-maker allows Stored XSS.This issue affects Popup Maker: from n/a through <= 1.20.2. | ||||
| CVE-2025-24745 | 2 Radiustheme, Wordpress | 2 Classified Listing, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Classified Listing classified-listing allows Reflected XSS.This issue affects Classified Listing: from n/a through <= 4.0.1. | ||||
| CVE-2025-24743 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Rometheme RTMKit rometheme-for-elementor.This issue affects RTMKit: from n/a through <= 1.5.2. | ||||
| CVE-2025-24742 | 1 Codecabin | 1 Wp Go Maps | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in WPGMaps WP Go Maps wp-google-maps.This issue affects WP Go Maps: from n/a through <= 9.0.40. | ||||
| CVE-2025-24741 | 1 Logon | 1 Kb Support | 2026-04-01 | 6.1 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in LOGON KB Support kb-support.This issue affects KB Support: from n/a through <= 1.6.7. | ||||
| CVE-2025-24740 | 2 Thimpress, Wordpress | 2 Learnpress, Wordpress | 2026-04-01 | N/A |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ThimPress LearnPress learnpress.This issue affects LearnPress: from n/a through <= 4.2.7.1. | ||||
| CVE-2025-24739 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel FluentSMTP fluent-smtp allows Cross Site Request Forgery.This issue affects FluentSMTP: from n/a through <= 2.2.80. | ||||
| CVE-2025-24738 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Jerry Rietveld Call Now Button call-now-button allows Cross Site Request Forgery.This issue affects Call Now Button: from n/a through <= 1.4.13. | ||||
| CVE-2025-24737 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Mat Bao Corporation WP Helper Premium wp-helper-lite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Helper Premium: from n/a through <= 4.6.1. | ||||
| CVE-2025-24736 | 1 Metaphorcreations | 1 Post Duplicator | 2026-04-01 | N/A |
| Missing Authorization vulnerability in metaphorcreations Post Duplicator post-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Duplicator: from n/a through <= 2.35. | ||||