Export limit exceeded: 78972 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (78972 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46488 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Missing Authorization vulnerability in dastan800 Visual Builder visual-builder allows Reflected XSS.This issue affects Visual Builder: from n/a through <= 1.2.2. | ||||
| CVE-2025-46487 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sftranna EC Authorize.net ec-authorizenet allows Reflected XSS.This issue affects EC Authorize.net: from n/a through <= 0.3.3. | ||||
| CVE-2025-46481 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Michael Cannon Flickr Shortcode Importer flickr-shortcode-importer allows Object Injection.This issue affects Flickr Shortcode Importer: from n/a through <= 2.2.3. | ||||
| CVE-2025-46478 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in metaloha Dropdown Content dropdown-content allows Stored XSS.This issue affects Dropdown Content: from n/a through <= 1.0.2. | ||||
| CVE-2025-46474 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SEUR OFICIAL SEUR Oficial seur allows PHP Local File Inclusion.This issue affects SEUR Oficial: from n/a through <= 2.2.23. | ||||
| CVE-2025-46473 | 2026-04-23 | 7.2 High | ||
| Deserialization of Untrusted Data vulnerability in Prisna Social Counter social-counter allows Object Injection.This issue affects Social Counter: from n/a through <= 2.0.5. | ||||
| CVE-2025-46466 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in felixtz Modern Polls modern-polls allows Stored XSS.This issue affects Modern Polls: from n/a through <= 1.0.10. | ||||
| CVE-2025-46465 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in John Weissberg Print Science Designer print-science-designer allows Stored XSS.This issue affects Print Science Designer: from n/a through <= 1.3.155. | ||||
| CVE-2025-46463 | 2026-04-23 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yamna Khawaja Mailing Group Listserv wp-mailing-group allows SQL Injection.This issue affects Mailing Group Listserv: from n/a through <= 3.0.4. | ||||
| CVE-2025-46458 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in x000x occupancyplan occupancyplan allows SQL Injection.This issue affects occupancyplan: from n/a through <= 1.0.3.0. | ||||
| CVE-2025-46457 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Ahsanullah Akanda Wp Custom CMS Block wp-custom-cms-block allows Stored XSS.This issue affects Wp Custom CMS Block: from n/a through <= 2.1. | ||||
| CVE-2025-46456 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason Theme Blvd Sliders theme-blvd-sliders allows Reflected XSS.This issue affects Theme Blvd Sliders: from n/a through <= 1.2.5. | ||||
| CVE-2025-46454 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in svil4ok Meta Keywords & Description wp-meta-keywords-meta-description allows PHP Local File Inclusion.This issue affects Meta Keywords & Description: from n/a through <= 0.8. | ||||
| CVE-2025-46452 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Olav Kolbu Google News google-news allows Stored XSS.This issue affects Google News: from n/a through <= 2.5.1. | ||||
| CVE-2025-46450 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in x000x occupancyplan occupancyplan allows Stored XSS.This issue affects occupancyplan: from n/a through <= 1.0.3.0. | ||||
| CVE-2025-46449 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Novium WoWHead Tooltips wowhead-tooltips allows Stored XSS.This issue affects WoWHead Tooltips: from n/a through <= 2.0.1. | ||||
| CVE-2025-46448 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reifsnyderb Document Management System dms allows Reflected XSS.This issue affects Document Management System: from n/a through <= 1.24. | ||||
| CVE-2025-46446 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ivanrojas Libro de Reclamaciones libro-de-reclamaciones allows Stored XSS.This issue affects Libro de Reclamaciones: from n/a through <= 1.0.1. | ||||
| CVE-2025-46444 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in scripteo Ads Pro ap-plugin-scripteo allows PHP Local File Inclusion.This issue affects Ads Pro: from n/a through <= 4.89. | ||||
| CVE-2025-46442 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Casey Johnson Loan Calculator repayment-calculator allows Stored XSS.This issue affects Loan Calculator: from n/a through <= 1.3. | ||||