CVEs and Security Vulnerabilities

Export limit exceeded: 335283 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (335283 CVEs found)

Export CSV

CVE	Updated	CVSS v3.1
CVE-2025-47464	2025-05-08	4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra allows Server Side Request Forgery. This issue affects Solace Extra: from n/a through 1.3.1.
CVE-2025-47466	2025-05-08	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate WP Mail allows Cross Site Request Forgery. This issue affects Ultimate WP Mail: from n/a through 1.3.4.
CVE-2025-47467	2025-05-08	4.3 Medium
Missing Authorization vulnerability in GS Plugins GS Testimonial Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GS Testimonial Slider: from n/a through 3.3.0.
CVE-2025-47472	2025-05-08	5.4 Medium
Missing Authorization vulnerability in codepeople Music Player for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Music Player for WooCommerce: from n/a through 1.5.1.
CVE-2025-47473	2025-05-08	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in pimwick PW WooCommerce Bulk Edit allows Cross Site Request Forgery. This issue affects PW WooCommerce Bulk Edit: from n/a through 2.134.
CVE-2025-47475	2025-05-08	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artbees JupiterX Core allows Stored XSS. This issue affects JupiterX Core: from n/a through 4.8.11.
CVE-2025-47476	2025-05-08	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org Cost Calculator for Elementor allows DOM-Based XSS. This issue affects Cost Calculator for Elementor: from n/a through 1.3.3.
CVE-2025-47480	2025-05-08	5.4 Medium
Missing Authorization vulnerability in Iqonic Design Graphina allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Graphina: from n/a through 3.0.4.
CVE-2025-47493	2025-05-08	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ultimate Blocks Ultimate Blocks allows DOM-Based XSS. This issue affects Ultimate Blocks: from n/a through 3.2.9.
CVE-2025-47496	2025-05-08	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PublishPress PublishPress Authors allows PHP Local File Inclusion. This issue affects PublishPress Authors: from n/a through 4.7.5.
CVE-2025-47510	2025-05-08	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fullworks Display Eventbrite Events allows PHP Local File Inclusion. This issue affects Display Eventbrite Events: from n/a through n/a.
CVE-2025-47514	2025-05-08	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Eli ELI's Related Posts Footer Links and Widget allows Stored XSS. This issue affects ELI's Related Posts Footer Links and Widget: from n/a through 1.2.04.20.
CVE-2025-47516	2025-05-08	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Time Clock allows Stored XSS. This issue affects Time Clock: from n/a through 1.2.3.
CVE-2025-47518	2025-05-08	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on allows Stored XSS. This issue affects Contact Form 7 – PayPal & Stripe Add-on: from n/a through 2.3.4.
CVE-2025-47519	2025-05-08	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal Events allows Cross Site Request Forgery. This issue affects Easy PayPal Events: from n/a through 1.2.2.
CVE-2025-47520	2025-05-08	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Charitable allows Stored XSS. This issue affects Charitable: from n/a through 1.8.5.1.
CVE-2025-47525	2025-05-08	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder allows Stored XSS. This issue affects Bold Page Builder: from n/a through 5.3.0.
CVE-2025-47526	2025-05-08	5.4 Medium
Missing Authorization vulnerability in GS Plugins GS Variation Swatches for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GS Variation Swatches for WooCommerce: from n/a through 3.0.4.
CVE-2025-47533	2025-05-08	8.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design Graphina allows PHP Local File Inclusion. This issue affects Graphina: from n/a through 3.0.4.
CVE-2025-47537	2025-05-08	7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in add-ons.org PDF Invoices for WooCommerce + Drag and Drop Template Builder allows SQL Injection. This issue affects PDF Invoices for WooCommerce + Drag and Drop Template Builder: from n/a through 5.3.8.

« first previous Page 3779 of 16765. next last »