Export limit exceeded: 346195 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346195 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30892 | 2026-04-23 | 8.8 High | ||
| Deserialization of Untrusted Data vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Object Injection.This issue affects WpTravelly: from n/a through <= 1.8.7. | ||||
| CVE-2025-30891 | 2026-04-23 | 8.8 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam WpTravelly tour-booking-manager allows PHP Local File Inclusion.This issue affects WpTravelly: from n/a through <= 1.8.7. | ||||
| CVE-2025-30890 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SuitePlugins Login Widget for Ultimate Member login-widget-for-ultimate-member allows PHP Local File Inclusion.This issue affects Login Widget for Ultimate Member: from n/a through <= 1.1.2. | ||||
| CVE-2025-30889 | 2026-04-23 | 8.8 High | ||
| Deserialization of Untrusted Data vulnerability in PickPlugins Testimonial Slider testimonial allows Object Injection.This issue affects Testimonial Slider: from n/a through <= 2.0.13. | ||||
| CVE-2025-30888 | 2026-04-23 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Cross Site Request Forgery.This issue affects Custom Fields Account Registration For Woocommerce: from n/a through <= 1.1. | ||||
| CVE-2025-30887 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 4.2.9. | ||||
| CVE-2025-30886 | 1 Joomsky | 1 Js Help Desk | 2026-04-23 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows SQL Injection.This issue affects JS Help Desk: from n/a through <= 2.9.2. | ||||
| CVE-2025-30885 | 2026-04-23 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Form bit-form allows Phishing.This issue affects Bit Form: from n/a through <= 2.18.0. | ||||
| CVE-2025-30884 | 2026-04-23 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Integrations bit-integrations allows Phishing.This issue affects Bit Integrations: from n/a through <= 2.4.10. | ||||
| CVE-2025-30883 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in richplugins Trust.Reviews fb-reviews-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trust.Reviews: from n/a through <= 2.3. | ||||
| CVE-2025-30882 | 2 Joomsky, Wordpress | 2 Js Help Desk, Wordpress | 2026-04-23 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.1. | ||||
| CVE-2025-30881 | 2 Themehunk, Wordpress | 2 Big Store, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in themehunk Big Store big-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Big Store: from n/a through <= 2.0.8. | ||||
| CVE-2025-30880 | 2 Joomsky, Wordpress | 2 Js Help Desk, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 2.9.2. | ||||
| CVE-2025-30879 | 2026-04-23 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert allows SQL Injection.This issue affects MC Woocommerce Wishlist: from n/a through <= 1.8.9. | ||||
| CVE-2025-30878 | 1 Joomsky | 1 Js Help Desk | 2026-04-23 | 8.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.2. | ||||
| CVE-2025-30877 | 2026-04-23 | 2.7 Low | ||
| Missing Authorization vulnerability in fatcatapps Quiz Cat quiz-cat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz Cat: from n/a through <= 3.0.8. | ||||
| CVE-2025-30876 | 2026-04-23 | 9.3 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows SQL Injection.This issue affects Ads by WPQuads: from n/a through <= 2.0.87.1. | ||||
| CVE-2025-30875 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexandre Froger WP Weixin wp-weixin allows Stored XSS.This issue affects WP Weixin: from n/a through <= 1.3.16. | ||||
| CVE-2025-30874 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in Jose Mortellaro Specific Content For Mobile specific-content-for-mobile allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Specific Content For Mobile: from n/a through <= 0.5.3. | ||||
| CVE-2025-30873 | 1 Wpsoul | 1 Greenshift | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Stored XSS.This issue affects Greenshift: from n/a through <= 11.0.2. | ||||