Export limit exceeded: 347263 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347263 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25084 | 2026-04-29 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in antrouss UniTimetable unitimetable allows Stored XSS.This issue affects UniTimetable: from n/a through <= 1.1. | ||||
| CVE-2025-26953 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 7.5 High |
| Missing Authorization vulnerability in Crocoblock JetMenu jet-menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetMenu: from n/a through <= 2.4.9. | ||||
| CVE-2025-26917 | 1 Hasthemes | 1 Wp Templata | 2026-04-29 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WP Templata wptemplata allows Reflected XSS.This issue affects WP Templata: from n/a through <= 1.0.7. | ||||
| CVE-2025-26942 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 7.5 High |
| Missing Authorization vulnerability in Crocoblock JetTricks jet-tricks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetTricks: from n/a through <= 1.5.1. | ||||
| CVE-2025-26885 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Beaver Builder WordPress Assistant assistant allows Object Injection.This issue affects WordPress Assistant: from n/a through <= 1.5.1. | ||||
| CVE-2025-26879 | 2026-04-29 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristián Lávaque s2Member s2member allows Reflected XSS.This issue affects s2Member: from n/a through <= 241216. | ||||
| CVE-2025-26760 | 2 Wordpress, Wow-company | 2 Wordpress, Calculator-builder | 2026-04-29 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Wow-Company Calculator Builder calculator-builder allows PHP Local File Inclusion.This issue affects Calculator Builder: from n/a through <= 1.6.2. | ||||
| CVE-2025-26757 | 2026-04-29 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FULL SERVICES FULL Customer full-customer allows PHP Local File Inclusion.This issue affects FULL Customer: from n/a through <= 3.1.26. | ||||
| CVE-2025-23528 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Mosterd3d DD Roles dd-roles allows Privilege Escalation.This issue affects DD Roles: from n/a through <= 4.1. | ||||
| CVE-2025-24628 | 2026-04-29 | 5.3 Medium | ||
| Authentication Bypass by Spoofing vulnerability in bestwebsoft Google Captcha google-captcha allows Identity Spoofing.This issue affects Google Captcha: from n/a through <= 1.78. | ||||
| CVE-2025-24651 | 2026-04-29 | 5.9 Medium | ||
| Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Retrieve Embedded Sensitive Data.This issue affects WordPress Backup & Migration: from n/a through <= 1.5.3. | ||||
| CVE-2025-24556 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 7.5 High |
| Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle moowoodle allows Retrieve Embedded Sensitive Data.This issue affects MooWoodle: from n/a through <= 3.2.4. | ||||
| CVE-2025-23444 | 2026-04-29 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nasir179125 Scroll Top Advanced scroll-top-advanced allows Stored XSS.This issue affects Scroll Top Advanced: from n/a through <= 2.5. | ||||
| CVE-2025-23434 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in viher3 Easy EU Cookie law easy-eu-cookie-law allows Stored XSS.This issue affects Easy EU Cookie law: from n/a through <= 1.3.3.1. | ||||
| CVE-2025-24643 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 6.5 Medium |
| Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPGuppy: from n/a through <= 1.1.0. | ||||
| CVE-2025-24606 | 2026-04-29 | 6.4 Medium | ||
| Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.1. | ||||
| CVE-2025-23784 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows SQL Injection.This issue affects Contact Form 7 Round Robin Lead Distribution: from n/a through <= 1.2.1. | ||||
| CVE-2025-24607 | 1 Northernbeacheswebsites | 1 Ideapush | 2026-04-29 | 5.8 Medium |
| Missing Authorization vulnerability in Northern Beaches Websites IdeaPush ideapush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through <= 8.71. | ||||
| CVE-2025-22773 | 2 Wordpress, Wpchill | 2 Wordpress, Htaccess File Editor | 2026-04-29 | 5.3 Medium |
| Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in WP Chill Htaccess File Editor htaccess-file-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Htaccess File Editor: from n/a through <= 1.0.19. | ||||
| CVE-2025-23806 | 2026-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeFarmer Ultimate Subscribe ultimate-subscribe allows Reflected XSS.This issue affects Ultimate Subscribe: from n/a through <= 1.3. | ||||