Search

Expected end of text, found ':' (at char 35), (line:1, col:36)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347025 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-51399 1 Wpfactory 1 Back Button Widget 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3.
CVE-2023-51396 1 Brizy 1 Brizy 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brizy.Io Brizy – Page Builder allows Stored XSS.This issue affects Brizy – Page Builder: from n/a through 2.4.29.
CVE-2023-51373 1 Nakunakifi 1 Google Photos Gallery With Shortcodes 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ian Kennerley Google Photos Gallery with Shortcodes allows Reflected XSS.This issue affects Google Photos Gallery with Shortcodes: from n/a through 4.0.2.
CVE-2023-51371 1 Bitapps 1 Bit Assist 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bit Assist Chat Widget: WhatsApp Chat, Facebook Messenger Chat, Telegram Chat Bubble, Line Messenger, Live Chat Support Chat Button, WeChat, SMS, Call Button, Customer Support Button with floating Chat Widget allows Stored XSS.This issue affects Chat Widget: WhatsApp Chat, Facebook Messenger Chat, Telegram Chat Bubble, Line Messenger, Live Chat Support Chat Button, WeChat, SMS, Call Button, Customer Support Button with floating Chat Widget: from n/a through 1.1.9.
CVE-2023-51372 1 Hasthemes 1 Hashbar 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HashBar – WordPress Notification Bar allows Stored XSS.This issue affects HashBar – WordPress Notification Bar: from n/a through 1.4.1.
CVE-2023-51369 1 Sysbasics 1 Customize My Account 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in SysBasics Customize My Account for WooCommerce.This issue affects Customize My Account for WooCommerce: from n/a through 1.8.3.
CVE-2023-50902 1 Wpexperts 1 New User Approve 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WPExpertsio New User Approve.This issue affects New User Approve: from n/a through 2.5.1.
CVE-2023-50896 1 Weformspro 1 Weforms 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weForms weForms – Easy Drag & Drop Contact Form Builder For WordPress allows Stored XSS.This issue affects weForms – Easy Drag & Drop Contact Form Builder For WordPress: from n/a through 1.6.17.
CVE-2023-50901 1 Hasthemes 1 Ht Mega 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.8.
CVE-2023-51370 1 Ninjateam 1 Wp Chat App 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NinjaTeam WP Chat App allows Stored XSS.This issue affects WP Chat App: from n/a through 3.4.4.
CVE-2023-51361 1 Gingerplugins 1 Sticky Chat Widget 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ginger Plugins Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button allows Stored XSS.This issue affects Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button: from n/a through 1.1.8.
CVE-2023-51354 1 Webba-booking 1 Webba Booking 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WebbaPlugins Appointment & Event Booking Calendar Plugin – Webba Booking.This issue affects Appointment & Event Booking Calendar Plugin – Webba Booking: from n/a through 4.5.33.
CVE-2023-51358 1 Brightplugins 1 Block Ips For Gravity Forms 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1.
CVE-2023-50905 2 Melapress, Wordpress 2 Wp Activity Log, Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log allows Stored XSS.This issue affects WP Activity Log: from n/a through 4.6.1.
CVE-2023-50899 2026-04-28 5.4 Medium
Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through 5.0.2.
CVE-2023-50898 1 Sirv 1 Sirv 2026-04-28 5.4 Medium
Missing Authorization vulnerability in sirv.Com Sirv.This issue affects Sirv: from n/a through 7.1.2.
CVE-2023-50893 1 Upsolution 1 Impreza 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UpSolution Impreza – WordPress Website and WooCommerce Builder allows Reflected XSS.This issue affects Impreza – WordPress Website and WooCommerce Builder: from n/a through 8.17.4.
CVE-2023-50892 1 Codex-themes 1 Thegem 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem - Creative Multi-Purpose & WooCommerce WordPress Theme allows Reflected XSS.This issue affects TheGem - Creative Multi-Purpose & WooCommerce WordPress Theme: from n/a through 5.9.1.
CVE-2023-50886 1 Wpwax 1 Legal Pages 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF), Incorrect Authorization vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.3.7.
CVE-2023-50891 1 Zohocorp 1 Zoho Forms 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoho Forms Form plugin for WordPress – Zoho Forms allows Stored XSS.This issue affects Form plugin for WordPress – Zoho Forms: from n/a through 3.0.1.