Slots Heaven\ CVEs and Security Vulnerabilities

Export limit exceeded: 342082 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 35), (line:1, col:36)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (342082 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-22311	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DeluxeThemes Private Messages for UserPro userpro-messaging.This issue affects Private Messages for UserPro: from n/a through <= 4.10.0.
CVE-2025-22310	2 Templatesnext, Wordpress	2 Templatesnext Toolkit, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in marsian TemplatesNext ToolKit templatesnext-toolkit allows Stored XSS.This issue affects TemplatesNext ToolKit: from n/a through <= 3.2.9.
CVE-2025-22309			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RopeSwingHld SpeakOut! Email Petitions speakout allows DOM-Based XSS.This issue affects SpeakOut! Email Petitions: from n/a through <= 4.4.2.
CVE-2025-22308			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Kitajima Smart Custom Fields smart-custom-fields allows Stored XSS.This issue affects Smart Custom Fields: from n/a through <= 5.0.0.
CVE-2025-22307			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiful Islam Product Table for WooCommerce woo-product-table allows Reflected XSS.This issue affects Product Table for WooCommerce: from n/a through <= 4.0.3.
CVE-2025-22306			2026-04-01	N/A
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Spencer Haws Link Whisper Free link-whisper.This issue affects Link Whisper Free: from n/a through <= 0.7.7.
CVE-2025-22305			2026-04-01	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Essential Plugin Hero Banner Ultimate hero-banner-ultimate allows PHP Local File Inclusion.This issue affects Hero Banner Ultimate: from n/a through <= 1.4.4.
CVE-2025-22304			2026-04-01	N/A
Missing Authorization vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) wp-stats-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through <= 7.5.
CVE-2025-22303	1 Wpmailster	1 Wp Mailster	2026-04-01	7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through <= 1.8.17.0.
CVE-2025-22302	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in WP Grids WP Wand ai-content-generation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Wand: from n/a through <= 1.2.5.
CVE-2025-22301			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in zookatron MyBookTable Bookstore mybooktable allows Cross Site Request Forgery.This issue affects MyBookTable Bookstore: from n/a through <= 3.5.3.
CVE-2025-22300			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager pixelyoursite allows Cross Site Request Forgery.This issue affects PixelYourSite – Your smart PIXEL (TAG) Manager: from n/a through <= 10.0.1.2.
CVE-2025-22299	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Space Codes AI for SEO ai-for-seo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI for SEO: from n/a through <= 1.2.9.
CVE-2025-22298			2026-04-01	N/A
Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hive Support: from n/a through <= 1.1.6.
CVE-2025-22297	1 Wordpress	1 Wordpress	2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in aipost AI WP Writer ai-wp-writer allows Cross Site Request Forgery.This issue affects AI WP Writer: from n/a through <= 3.8.4.4.
CVE-2025-22296	1 Hashthemes	1 Hash Elements	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Hash Elements hash-elements.This issue affects Hash Elements: from n/a through <= 1.5.0.
CVE-2025-22295			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tripetto WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto tripetto allows Stored XSS.This issue affects WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto: from n/a through <= 8.0.6.
CVE-2025-22294			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in theme funda Custom Field For WP Job Manager custom-field-for-wp-job-manager allows Reflected XSS.This issue affects Custom Field For WP Job Manager: from n/a through <= 1.3.
CVE-2025-22293	2 Gutentor, Wordpress	2 Gutentor, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gutentor Gutentor gutentor allows DOM-Based XSS.This issue affects Gutentor: from n/a through <= 3.4.3.
CVE-2025-22292	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Felipe Peixoto Powerful Auto Chat powers-triggers-of-woo-to-chat allows Stored XSS.This issue affects Powerful Auto Chat: from n/a through <= 1.9.8.

« first previous Page 394 of 17105. next last »