Export limit exceeded: 78926 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (78926 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46465 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in John Weissberg Print Science Designer print-science-designer allows Stored XSS.This issue affects Print Science Designer: from n/a through <= 1.3.155. | ||||
| CVE-2025-46463 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yamna Khawaja Mailing Group Listserv wp-mailing-group allows SQL Injection.This issue affects Mailing Group Listserv: from n/a through <= 3.0.4. | ||||
| CVE-2025-46458 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in x000x occupancyplan occupancyplan allows SQL Injection.This issue affects occupancyplan: from n/a through <= 1.0.3.0. | ||||
| CVE-2025-46457 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Ahsanullah Akanda Wp Custom CMS Block wp-custom-cms-block allows Stored XSS.This issue affects Wp Custom CMS Block: from n/a through <= 2.1. | ||||
| CVE-2025-46456 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason Theme Blvd Sliders theme-blvd-sliders allows Reflected XSS.This issue affects Theme Blvd Sliders: from n/a through <= 1.2.5. | ||||
| CVE-2025-46454 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in svil4ok Meta Keywords & Description wp-meta-keywords-meta-description allows PHP Local File Inclusion.This issue affects Meta Keywords & Description: from n/a through <= 0.8. | ||||
| CVE-2025-46452 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Olav Kolbu Google News google-news allows Stored XSS.This issue affects Google News: from n/a through <= 2.5.1. | ||||
| CVE-2025-46450 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in x000x occupancyplan occupancyplan allows Stored XSS.This issue affects occupancyplan: from n/a through <= 1.0.3.0. | ||||
| CVE-2025-46449 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Novium WoWHead Tooltips wowhead-tooltips allows Stored XSS.This issue affects WoWHead Tooltips: from n/a through <= 2.0.1. | ||||
| CVE-2025-46448 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reifsnyderb Document Management System dms allows Reflected XSS.This issue affects Document Management System: from n/a through <= 1.24. | ||||
| CVE-2025-46446 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ivanrojas Libro de Reclamaciones libro-de-reclamaciones allows Stored XSS.This issue affects Libro de Reclamaciones: from n/a through <= 1.0.1. | ||||
| CVE-2025-46444 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in scripteo Ads Pro ap-plugin-scripteo allows PHP Local File Inclusion.This issue affects Ads Pro: from n/a through <= 4.89. | ||||
| CVE-2025-46442 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Casey Johnson Loan Calculator repayment-calculator allows Stored XSS.This issue affects Loan Calculator: from n/a through <= 1.3. | ||||
| CVE-2025-46440 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark kStats Reloaded kstats-reloaded allows Reflected XSS.This issue affects kStats Reloaded: from n/a through <= 0.7.4. | ||||
| CVE-2025-46439 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.4 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Vladimir Prelovac Plugin Central plugin-central allows Path Traversal.This issue affects Plugin Central: from n/a through <= 2.5.1. | ||||
| CVE-2025-46437 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tayoricom Tayori Form tayori allows Reflected XSS.This issue affects Tayori Form: from n/a through <= 1.2.9. | ||||
| CVE-2025-46435 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Yash Binani Time Based Greeting time-based-greeting allows Stored XSS.This issue affects Time Based Greeting: from n/a through <= 2.2.2. | ||||
| CVE-2025-46255 | 2 Marketing Fire, Wordpress | 2 Loginwp, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in Marketing Fire LLC LoginWP - Pro loginwp-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LoginWP - Pro: from n/a through <= 4.0.8.5. | ||||
| CVE-2025-46252 | 1 Kofimokome | 1 Message Filter For Contact Form 7 | 2026-04-23 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kofi Mokome Message Filter for Contact Form 7 cf7-message-filter allows SQL Injection.This issue affects Message Filter for Contact Form 7: from n/a through <= 1.6.3.2. | ||||
| CVE-2025-46251 | 1 E4jconnect | 1 Vikrestaurants Table Reservations And Take-away | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in e4jvikwp VikRestaurants vikrestaurants allows Cross Site Request Forgery.This issue affects VikRestaurants: from n/a through <= 1.3.3. | ||||