Export limit exceeded: 45633 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45633 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23975 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cheesefather Botnet Attack Blocker botnet-attack-blocker allows Stored XSS.This issue affects Botnet Attack Blocker: from n/a through <= 2.0.0. | ||||
| CVE-2025-23973 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dugudlabs SpecFit-Virtual Try On Woocommerce try-on-for-woocommerce allows Stored XSS.This issue affects SpecFit-Virtual Try On Woocommerce: from n/a through <= 8.0.3. | ||||
| CVE-2025-23966 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ala Falaki a Gateway for Pasargad Bank on WooCommerce a-gateway-for-pasargad-bank-on-woocommerce allows Reflected XSS.This issue affects a Gateway for Pasargad Bank on WooCommerce: from n/a through <= 2.5.2. | ||||
| CVE-2025-23965 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kopatheme Kopa Nictitate Toolkit kopa-nictitate-toolkit allows Stored XSS.This issue affects Kopa Nictitate Toolkit: from n/a through <= 1.0.2. | ||||
| CVE-2025-23964 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ajitae Google Plus google-plus-google allows Reflected XSS.This issue affects Google Plus: from n/a through <= 1.0.2. | ||||
| CVE-2025-23960 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in basteln3rk Save & Import Image from URL save-import-image-from-url allows Reflected XSS.This issue affects Save & Import Image from URL: from n/a through <= 0.7. | ||||
| CVE-2025-23959 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Linus Lundahl Good Old Gallery good-old-gallery allows Reflected XSS.This issue affects Good Old Gallery: from n/a through <= 2.1.2. | ||||
| CVE-2025-23956 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard Leishman WP Easy Post Mailer wp-mailer allows Reflected XSS.This issue affects WP Easy Post Mailer: from n/a through <= 0.64. | ||||
| CVE-2025-23951 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DIVENGINE Gallery: Hybrid – Advanced Visual Gallery hybrid-gallery allows Stored XSS.This issue affects Gallery: Hybrid – Advanced Visual Gallery: from n/a through <= 1.4.0.2. | ||||
| CVE-2025-23950 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ezmarketing EZPlayer ezplayer allows Stored XSS.This issue affects EZPlayer: from n/a through <= 1.0.10. | ||||
| CVE-2025-23947 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M.J WP-Player wp-player allows Stored XSS.This issue affects WP-Player: from n/a through <= 2.6.1. | ||||
| CVE-2025-23946 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Le-Pixel-Solitaire Enhanced YouTube Shortcode enhanced-youtube-shortcode allows Stored XSS.This issue affects Enhanced YouTube Shortcode: from n/a through <= 2.0.1. | ||||
| CVE-2025-23943 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aruvi PDF.js Shortcode pdfjs-shortcode allows Stored XSS.This issue affects PDF.js Shortcode: from n/a through <= 1.0. | ||||
| CVE-2025-23941 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in meinturnierplan MeinTurnierplan.de Widget Viewer meinturnierplande-widget-viewer allows Stored XSS.This issue affects MeinTurnierplan.de Widget Viewer: from n/a through <= 1.1. | ||||
| CVE-2025-23940 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in horiyuki Image Switcher image-switcher allows Stored XSS.This issue affects Image Switcher: from n/a through <= 0.1.1. | ||||
| CVE-2025-23939 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KHAN-IT Image Switcher image-switcher allows Stored XSS.This issue affects Image Switcher: from n/a through <= 1.1. | ||||
| CVE-2025-23936 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Harun R. Rayhan(thecrazycoder) CC Circle Progress Bar cc-circle-progress-bar allows Stored XSS.This issue affects CC Circle Progress Bar: from n/a through <= 1.0.0. | ||||
| CVE-2025-23935 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fengler Magic Google Maps magic-google-maps allows Stored XSS.This issue affects Magic Google Maps: from n/a through <= 1.0.4. | ||||
| CVE-2025-23934 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sam Brodie Giveaways and Contests by PromoSimple giveaways-contests-by-promosimple allows Stored XSS.This issue affects Giveaways and Contests by PromoSimple: from n/a through <= 1.24. | ||||
| CVE-2025-23933 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpfreeware WpF Ultimate Carousel wpf-ultimate-carousel allows Stored XSS.This issue affects WpF Ultimate Carousel: from n/a through <= 1.0.11. | ||||