Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45555 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-23584 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arsh91 Pin Locations on Map pin-locations-on-map allows Reflected XSS.This issue affects Pin Locations on Map: from n/a through <= 1.0.
CVE-2025-23583 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Explara Explara Membership explara-membership allows Reflected XSS.This issue affects Explara Membership: from n/a through <= 0.0.7.
CVE-2025-23582 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Haider Ali Bulk Categories Assign bulk-categories-assign allows Reflected XSS.This issue affects Bulk Categories Assign: from n/a through <= 1.0.
CVE-2025-23581 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitalzoomstudio Demo User DZS demo-user-dzs-showcase-your-admin-safely allows Stored XSS.This issue affects Demo User DZS: from n/a through <= 1.1.0.
CVE-2025-23580 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matthew BizLibrary bizlibrary allows Reflected XSS.This issue affects BizLibrary: from n/a through <= 1.1.
CVE-2025-23579 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitalzoomstudio DZS Ajaxer Lite dzs-ajaxer-lite-dynamic-page-load allows Stored XSS.This issue affects DZS Ajaxer Lite: from n/a through <= 1.04.
CVE-2025-23578 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Custom CSS Addons css-addons allows Reflected XSS.This issue affects Custom CSS Addons: from n/a through <= 1.9.1.
CVE-2025-23576 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cfuze WP Intro.JS wp-intro-js-tours allows Reflected XSS.This issue affects WP Intro.JS: from n/a through <= 1.1.
CVE-2025-23575 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: from n/a through <= 1.1.
CVE-2025-23574 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonathan Lau CubePM cubepm allows Reflected XSS.This issue affects CubePM: from n/a through <= 1.0.
CVE-2025-23571 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in makong Internal Links Generator internal-links-generator allows Reflected XSS.This issue affects Internal Links Generator: from n/a through <= 3.51.
CVE-2025-23570 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mitchell Bundy WP Social Links wp-social-links allows Reflected XSS.This issue affects WP Social Links: from n/a through <= 0.3.1.
CVE-2025-23568 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fredsted WP Login Attempt Log wp-login-attempt-log allows Reflected XSS.This issue affects WP Login Attempt Log: from n/a through <= 1.3.
CVE-2025-23565 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Taylor Wibstats wibstats-statistics-for-wordpress-mu allows Reflected XSS.This issue affects Wibstats: from n/a through <= 0.5.5.
CVE-2025-23564 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mohsenshahbazi WP FixTag wp-fixtag allows Reflected XSS.This issue affects WP FixTag: from n/a through <= v2.0.2.
CVE-2025-23563 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mbyte Explore pages explore-pages allows Reflected XSS.This issue affects Explore pages: from n/a through <= 1.01.
CVE-2025-23561 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robertkay MLL Audio Player MP3 Ajax music-let-loose-mp3-audio-player allows Stored XSS.This issue affects MLL Audio Player MP3 Ajax: from n/a through <= 0.7.
CVE-2025-23556 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in netbitsolutions Push Envoy Notifications push-envoy allows Reflected XSS.This issue affects Push Envoy Notifications: from n/a through <= 1.0.0.
CVE-2025-23555 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chenyenming Ui Slider Filter By Price ui-slider-filter-by-price allows Reflected XSS.This issue affects Ui Slider Filter By Price: from n/a through <= 1.1.
CVE-2025-23554 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jakub Glos Off Page SEO off-page-seo allows Reflected XSS.This issue affects Off Page SEO: from n/a through <= 3.0.3.