Export limit exceeded: 12006 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (12006 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25097 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kwiliarty External Video For Everybody external-video-for-everybody allows Stored XSS.This issue affects External Video For Everybody: from n/a through <= 2.1.1. | ||||
| CVE-2025-25096 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in titusbicknell RSS in Page rss-in-page allows Stored XSS.This issue affects RSS in Page: from n/a through <= 2.9.1. | ||||
| CVE-2025-25095 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reverbnationdev ReverbNation Widgets reverbnation-widgets allows Stored XSS.This issue affects ReverbNation Widgets: from n/a through <= 2.1. | ||||
| CVE-2025-25093 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in paulswarthout Child Themes Helper child-themes-helper allows Path Traversal.This issue affects Child Themes Helper: from n/a through <= 2.2.7. | ||||
| CVE-2025-25092 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gtlwpdev All push notification for WP all-push-notification allows Reflected XSS.This issue affects All push notification for WP: from n/a through <= 1.5.3. | ||||
| CVE-2025-25090 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dreamstime Dreamstime Stock Photos dreamstime-stock-photos allows Reflected XSS.This issue affects Dreamstime Stock Photos: from n/a through <= 4.1. | ||||
| CVE-2025-25089 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in appten Image Rotator appten-image-rotator allows Reflected XSS.This issue affects Image Rotator: from n/a through <= 2.0. | ||||
| CVE-2025-25088 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in blackus3r WP Keyword Monitor wp-keyword-monitor allows Cross Site Request Forgery.This issue affects WP Keyword Monitor: from n/a through <= 1.0.5. | ||||
| CVE-2025-25087 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim seekXL Snapr seekxl-snapr allows Reflected XSS.This issue affects seekXL Snapr: from n/a through <= 2.0.6. | ||||
| CVE-2025-25085 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matt_mcbrien WP SimpleWeather wp-simpleweather allows Stored XSS.This issue affects WP SimpleWeather: from n/a through <= 0.2.5. | ||||
| CVE-2025-25083 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dave Lavoie EP4 More Embeds ep4-more-embeds allows Stored XSS.This issue affects EP4 More Embeds: from n/a through <= 1.0.0. | ||||
| CVE-2025-25082 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Chirkov FlexIDX Home Search flexidx-home-search allows Stored XSS.This issue affects FlexIDX Home Search: from n/a through <= 2.1.2. | ||||
| CVE-2025-25081 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.8 Medium |
| Missing Authorization vulnerability in DeannaS Embed RSS embed-rss allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Embed RSS: from n/a through <= 3.1. | ||||
| CVE-2025-25080 | 2 Gubbigubbi, Wordpress | 2 Kona Gallery Block, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gubbigubbi Kona Gallery Block kona-instagram-feed-for-gutenberg allows Stored XSS.This issue affects Kona Gallery Block: from n/a through <= 1.7. | ||||
| CVE-2025-25073 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vasilis Triantafyllou Easy WP Tiles easy-wp-tiles allows Stored XSS.This issue affects Easy WP Tiles: from n/a through <= 1. | ||||
| CVE-2025-25072 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in thunderbax WP Admin Custom Page wp-admin-custom-page allows Stored XSS.This issue affects WP Admin Custom Page: from n/a through <= 1.5.0. | ||||
| CVE-2025-25070 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ed atrero Album Reviewer albumreviewer allows Stored XSS.This issue affects Album Reviewer: from n/a through <= 2.0.2. | ||||
| CVE-2025-24779 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in NooTheme Yogi yogi allows Object Injection.This issue affects Yogi: from n/a through < 2.9.3. | ||||
| CVE-2025-24777 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in awethemes Hillter hillter allows Object Injection.This issue affects Hillter: from n/a through <= 3.0.7. | ||||
| CVE-2025-24775 | 2 Madeit, Wordpress | 2 Forms, Wordpress | 2026-04-23 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms forms-by-made-it allows Upload a Web Shell to a Web Server.This issue affects Forms: from n/a through <= 2.9.0. | ||||