Export limit exceeded: 341868 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341868 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69319 | 2 Wordpress, Wpbeaverbuilder | 2 Wordpress, Beaver Builder | 2026-04-01 | 7.5 High |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Code Injection.This issue affects Beaver Builder: from n/a through <= 2.9.4.1. | ||||
| CVE-2025-69318 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hossni Mubarak JobWP jobwp allows Stored XSS.This issue affects JobWP: from n/a through <= 2.4.5. | ||||
| CVE-2025-69317 | 2 Scriptsbundle, Wordpress | 2 Carspot, Wordpress | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scriptsbundle CarSpot carspot allows Reflected XSS.This issue affects CarSpot: from n/a through < 2.4.6. | ||||
| CVE-2025-69316 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 TableOn posts-table-filterable allows Reflected XSS.This issue affects TableOn: from n/a through <= 1.0.4.2. | ||||
| CVE-2025-69315 | 2 Nsquared, Wordpress | 2 Simply Schedule Appointments, Wordpress | 2026-04-01 | 6.5 Medium |
| Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through <= 1.6.9.15. | ||||
| CVE-2025-69314 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through < 4.8.3. | ||||
| CVE-2025-69313 | 2 Wordpress, Wpxpo | 2 Wordpress, Postx | 2026-04-01 | 7.5 High |
| Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 5.0.3. | ||||
| CVE-2025-69312 | 2 Wordpress, Xpro | 2 Wordpress, Xpro Elementor Addons | 2026-04-01 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Upload a Web Shell to a Web Server.This issue affects Xpro Elementor Addons: from n/a through <= 1.4.19.1. | ||||
| CVE-2025-69311 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.6 High |
| Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a through <= 1.52.1. | ||||
| CVE-2025-69310 | 2 Teconcetheme, Wordpress | 2 Woodly Core, Wordpress | 2026-04-01 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Woodly Core woodly-core allows Blind SQL Injection.This issue affects Woodly Core: from n/a through <= 1.4. | ||||
| CVE-2025-69309 | 2 Teconcetheme, Wordpress | 2 Saasplate Core, Wordpress | 2026-04-01 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Saasplate Core saasplate-core allows Blind SQL Injection.This issue affects Saasplate Core: from n/a through <= 1.2.8. | ||||
| CVE-2025-69308 | 2 Teconcetheme, Wordpress | 2 Nestbyte Core, Wordpress | 2026-04-01 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Nestbyte Core nestbyte-core allows Blind SQL Injection.This issue affects Nestbyte Core: from n/a through <= 1.2. | ||||
| CVE-2025-69307 | 2 Teconcetheme, Wordpress | 2 Medinik Core, Wordpress | 2026-04-01 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Medinik Core medinik-core allows Blind SQL Injection.This issue affects Medinik Core: from n/a through <= 1.3.6. | ||||
| CVE-2025-69306 | 2 Teconcetheme, Wordpress | 2 Electio Core, Wordpress | 2026-04-01 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Electio Core electio-core allows Blind SQL Injection.This issue affects Electio Core: from n/a through <= 1.4. | ||||
| CVE-2025-69305 | 2 Teconcetheme, Wordpress | 2 Crete Core, Wordpress | 2026-04-01 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Crete Core crete-core allows Blind SQL Injection.This issue affects Crete Core: from n/a through <= 1.4.3. | ||||
| CVE-2025-69304 | 2 Teconcetheme, Wordpress | 2 Allmart, Wordpress | 2026-04-01 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Allmart allmart-core allows Blind SQL Injection.This issue affects Allmart: from n/a through <= 1.1. | ||||
| CVE-2025-69303 | 2 Modeltheme, Wordpress | 2 Modeltheme Framework, Wordpress | 2026-04-01 | 7.5 High |
| Missing Authorization vulnerability in modeltheme ModelTheme Framework modeltheme-framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ModelTheme Framework: from n/a through <= 1.9.2. | ||||
| CVE-2025-69302 | 2 Designthemes, Wordpress | 2 Designthemes Core Features, Wordpress | 2026-04-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes DesignThemes Core Features designthemes-core-features allows Reflected XSS.This issue affects DesignThemes Core Features: from n/a through <= 2.3. | ||||
| CVE-2025-69301 | 2 Themegoods, Wordpress | 2 Photome, Wordpress | 2026-04-01 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in ThemeGoods PhotoMe photome allows Object Injection.This issue affects PhotoMe: from n/a through <= 5.6.11. | ||||
| CVE-2025-69300 | 2 Leap13, Wordpress | 2 Premium Addons For Elementor, Wordpress | 2026-04-01 | 5.4 Medium |
| Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premium Addons for Elementor: from n/a through <= 4.11.63. | ||||