Export limit exceeded: 11477 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45567 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45567 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22529 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wordpresteem WE Blocks we-blocks allows Stored XSS.This issue affects WE Blocks: from n/a through <= 1.3.5. | ||||
| CVE-2025-22528 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Huurkalender.nl Huurkalender WP huurkalender-wp allows Stored XSS.This issue affects Huurkalender WP: from n/a through <= 1.5.6. | ||||
| CVE-2025-22525 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bharat Kambariya Donation Block For PayPal donations-block allows Stored XSS.This issue affects Donation Block For PayPal: from n/a through <= 2.2.0. | ||||
| CVE-2025-22524 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in formafzar فرم ساز فرم افزار formafzar allows Stored XSS.This issue affects فرم ساز فرم افزار: from n/a through <= 2.0. | ||||
| CVE-2025-22522 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in roya khosravi SingSong singsong allows Stored XSS.This issue affects SingSong: from n/a through <= 1.2. | ||||
| CVE-2025-22521 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Farrell wp Hosting Performance Check wp-hosting-performance-check allows Reflected XSS.This issue affects wp Hosting Performance Check: from n/a through <= 2.18.8. | ||||
| CVE-2025-22518 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginsPoint Justified Image Gallery justified-image-gallery allows Stored XSS.This issue affects Justified Image Gallery: from n/a through <= 1.0. | ||||
| CVE-2025-22517 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ben Huson List Pages at Depth list-pages-at-depth allows Stored XSS.This issue affects List Pages at Depth: from n/a through <= 1.5. | ||||
| CVE-2025-22516 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hpinfosys Metadata SEO metadata-seo allows Stored XSS.This issue affects Metadata SEO: from n/a through <= 2.3. | ||||
| CVE-2025-22515 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simon Show Google Analytics widget show-google-analytics-widget allows Stored XSS.This issue affects Show Google Analytics widget: from n/a through <= 1.5.4. | ||||
| CVE-2025-22514 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yamna Khawaja KNR Author List Widget knr-author-list-widget allows Reflected XSS.This issue affects KNR Author List Widget: from n/a through <= 3.1.1. | ||||
| CVE-2025-22513 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Simple Locator simple-locator allows Reflected XSS.This issue affects Simple Locator: from n/a through <= 2.0.4. | ||||
| CVE-2025-22511 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ella Van Durpe Slides & Presentations slide allows Stored XSS.This issue affects Slides & Presentations: from n/a through <= 0.0.39. | ||||
| CVE-2025-22506 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Smart Agenda Smart Agenda smart-agenda-prise-de-rendez-vous-en-ligne allows Stored XSS.This issue affects Smart Agenda: from n/a through <= 4.7. | ||||
| CVE-2025-22500 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ali Ali Alpha Price Table For Elementor alpha-price-table-for-elementor allows DOM-Based XSS.This issue affects Alpha Price Table For Elementor: from n/a through <= 1.2.0. | ||||
| CVE-2025-22499 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FAKTOR VIER F4 Post Tree f4-tree allows Reflected XSS.This issue affects F4 Post Tree: from n/a through <= 1.1.18. | ||||
| CVE-2025-22498 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N3wNormal LucidLMS lucidlms allows Reflected XSS.This issue affects LucidLMS: from n/a through <= 1.0.5. | ||||
| CVE-2025-22497 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bramwaas Simple Google Calendar Outlook Events Block Widget simple-google-icalendar-widget allows Stored XSS.This issue affects Simple Google Calendar Outlook Events Block Widget: from n/a through <= 2.5.0. | ||||
| CVE-2025-22496 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MarMar8x Notif Bell notif-bell allows Stored XSS.This issue affects Notif Bell: from n/a through <= 0.9.8. | ||||
| CVE-2025-22365 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric McNiece EMC2 Alert Boxes emc2-alert-boxes allows Stored XSS.This issue affects EMC2 Alert Boxes: from n/a through <= 1.3. | ||||