Export limit exceeded: 342055 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342055 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22499 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FAKTOR VIER F4 Post Tree f4-tree allows Reflected XSS.This issue affects F4 Post Tree: from n/a through <= 1.1.18. | ||||
| CVE-2025-22498 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N3wNormal LucidLMS lucidlms allows Reflected XSS.This issue affects LucidLMS: from n/a through <= 1.0.5. | ||||
| CVE-2025-22497 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bramwaas Simple Google Calendar Outlook Events Block Widget simple-google-icalendar-widget allows Stored XSS.This issue affects Simple Google Calendar Outlook Events Block Widget: from n/a through <= 2.5.0. | ||||
| CVE-2025-22496 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MarMar8x Notif Bell notif-bell allows Stored XSS.This issue affects Notif Bell: from n/a through <= 0.9.8. | ||||
| CVE-2025-22364 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Service Shogun Ach Invoice App ach-invoice-app allows PHP Local File Inclusion.This issue affects Ach Invoice App: from n/a through <= 1.0.1. | ||||
| CVE-2025-22363 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Hermann LAHAMI Allada T-shirt Designer for Woocommerce allada-tshirt-designer-for-woocommerce.This issue affects Allada T-shirt Designer for Woocommerce: from n/a through <= 1.1. | ||||
| CVE-2025-22362 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Bakovic WPAchievements Free wpachievements-free allows Stored XSS.This issue affects WPAchievements Free: from n/a through <= 1.2.0. | ||||
| CVE-2025-22361 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Opentracker Opentracker Analytics opentracker-analytics allows Reflected XSS.This issue affects Opentracker Analytics: from n/a through <= 1.3. | ||||
| CVE-2025-22360 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in promact WP Azure offload wp-azure-offload allows Reflected XSS.This issue affects WP Azure offload: from n/a through <= 2.0. | ||||
| CVE-2025-22359 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pjfc SyncFields syncfields allows Reflected XSS.This issue affects SyncFields: from n/a through <= 2.1. | ||||
| CVE-2025-22358 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simone Marcon Wp advertising management advertising-management allows Reflected XSS.This issue affects Wp advertising management: from n/a through <= 1.0.3. | ||||
| CVE-2025-22357 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdever Target Notifications target-notifications allows Reflected XSS.This issue affects Target Notifications: from n/a through <= 1.1.1. | ||||
| CVE-2025-22356 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stencies Stencies stencies allows Reflected XSS.This issue affects Stencies: from n/a through <= 0.58. | ||||
| CVE-2025-22355 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in asokaaso2 Kikx Simple Post Author Filter sa-post-author-filter allows Reflected XSS.This issue affects Kikx Simple Post Author Filter: from n/a through <= 1.0. | ||||
| CVE-2025-22353 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bvads BVD Easy Gallery Manager bvd-easy-gallery-manager allows Reflected XSS.This issue affects BVD Easy Gallery Manager: from n/a through <= 1.0.6. | ||||
| CVE-2025-22352 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes elex-bulk-edit-products-prices-attributes-for-woocommerce-basic allows Blind SQL Injection.This issue affects ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes: from n/a through <= 1.4.9. | ||||
| CVE-2025-22351 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in penguinarts Contact Form 7 Database – CFDB7 advanced-cf7-database allows SQL Injection.This issue affects Contact Form 7 Database – CFDB7: from n/a through <= 1.0.0. | ||||
| CVE-2025-22349 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Marka WordPress Auction Plugin wp-auctions allows SQL Injection.This issue affects WordPress Auction Plugin: from n/a through <= 3.7. | ||||
| CVE-2025-22348 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in rtowebsites DynamicTags dynamictags allows Blind SQL Injection.This issue affects DynamicTags: from n/a through <= 1.4.0. | ||||
| CVE-2025-22347 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in bannersky BSK Forms Blacklist bsk-gravityforms-blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a through <= 3.9. | ||||