Export limit exceeded: 346349 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346349 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45565 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45565 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22704 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Abinav Thakuri WordPress Signature wordpress-signature allows Reflected XSS.This issue affects WordPress Signature: from n/a through <= 0.1. | ||||
| CVE-2025-22697 | 1 Cyberchimps | 1 Responsive Blocks | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks responsive-block-editor-addons allows Reflected XSS.This issue affects Responsive Blocks: from n/a through <= 1.9.9. | ||||
| CVE-2025-22692 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rachanaS Sponsered Link sponsered-link allows Reflected XSS.This issue affects Sponsered Link: from n/a through <= 4.0. | ||||
| CVE-2025-22689 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Levan Tarbor Forex Calculators fx-calculators allows Stored XSS.This issue affects Forex Calculators: from n/a through <= 1.3.6. | ||||
| CVE-2025-22687 | 2 Asmedia, Wordpress | 2 Tuaug4, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asmedia Tuaug4 tuaug4 allows Reflected XSS.This issue affects Tuaug4: from n/a through <= 1.4. | ||||
| CVE-2025-22684 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hakan Ozevin WP BASE Booking wp-base-booking-of-appointments-services-and-events allows Stored XSS.This issue affects WP BASE Booking: from n/a through <= 5.0.0. | ||||
| CVE-2025-22683 | 1 Wpdeveloper | 1 Notificationx | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper NotificationX notificationx allows Stored XSS.This issue affects NotificationX: from n/a through <= 2.9.5. | ||||
| CVE-2025-22682 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saeed Sattar Beglou Hesabfa Accounting hesabfa-accounting allows Reflected XSS.This issue affects Hesabfa Accounting: from n/a through <= 2.1.2. | ||||
| CVE-2025-22680 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Ad Inserter Pro ad-inserter-pro allows Reflected XSS.This issue affects Ad Inserter Pro: from n/a through <= 2.7.39. | ||||
| CVE-2025-22679 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Job Board Manager job-board-manager allows Reflected XSS.This issue affects Job Board Manager: from n/a through <= 2.1.61. | ||||
| CVE-2025-22678 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mythemes my white my-white allows Reflected XSS.This issue affects my white: from n/a through <= 2.0.8. | ||||
| CVE-2025-22676 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in upcasted AWS S3 for WordPress Plugin – Upcasted upcasted-s3-offload allows Stored XSS.This issue affects AWS S3 for WordPress Plugin – Upcasted: from n/a through <= 3.0.3. | ||||
| CVE-2025-22675 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Alert Box Block – Display notice/alerts in the front end alert-box-block allows Stored XSS.This issue affects Alert Box Block – Display notice/alerts in the front end: from n/a through <= 1.1.0. | ||||
| CVE-2025-22674 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Get Bowtied Product Blocks for WooCommerce product-blocks-for-woocommerce allows Stored XSS.This issue affects Product Blocks for WooCommerce: from n/a through <= 1.9.1. | ||||
| CVE-2025-22664 | 1 Ays-pro | 1 Survey Maker | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through <= 5.1.3.5. | ||||
| CVE-2025-22662 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter sendpulse-email-marketing-newsletter allows Stored XSS.This issue affects SendPulse Email Marketing Newsletter: from n/a through <= 2.1.5. | ||||
| CVE-2025-22661 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vcita Online Payments – Get Paid with PayPal, Square & Stripe paypal-payment-button-by-vcita allows Stored XSS.This issue affects Online Payments – Get Paid with PayPal, Square & Stripe: from n/a through <= 3.20.0. | ||||
| CVE-2025-22660 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wolfgang Include Mastodon Feed include-mastodon-feed allows DOM-Based XSS.This issue affects Include Mastodon Feed: from n/a through <= 1.9.9. | ||||
| CVE-2025-22659 | 1 Themeisle | 1 Orbit Fox | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Orbit Fox by ThemeIsle themeisle-companion allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through <= 2.10.44. | ||||
| CVE-2025-22653 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tuyennv Music Press Pro music-press-pro allows Stored XSS.This issue affects Music Press Pro: from n/a through <= 1.4.6. | ||||