Export limit exceeded: 346271 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346271 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346271 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62975 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in raychat Raychat raychat allows Cross Site Request Forgery.This issue affects Raychat: from n/a through <= 2.2.1. | ||||
| CVE-2025-62972 | 2 Webinarpress, Wordpress | 2 Webinarpress, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in WPWebinarSystem WebinarPress wp-webinarsystem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebinarPress: from n/a through <= 1.33.28. | ||||
| CVE-2025-62970 | 2 Spencer Haws, Wordpress | 2 Link Whisper Free, Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in Spencer Haws Link Whisper Free link-whisper allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Link Whisper Free: from n/a through <= 0.9.2. | ||||
| CVE-2025-62966 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in Apiki GoCache gocache-cdn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoCache: from n/a through <= 1.3.6. | ||||
| CVE-2025-62965 | 2 Admin Management Xtended Project, Wordpress | 2 Admin Management Xtended, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in wpseek Admin Management Xtended admin-management-xtended allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin Management Xtended : from n/a through <= 2.5.1. | ||||
| CVE-2025-62964 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through <= 1.3.6. | ||||
| CVE-2025-62963 | 2 Estatik, Wordpress | 2 Estatik, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Estatik Estatik estatik allows DOM-Based XSS.This issue affects Estatik: from n/a through <= 4.3.1. | ||||
| CVE-2025-62962 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Andrea Landonio CloudSearch cloud-search allows Stored XSS.This issue affects CloudSearch: from n/a through <= 3.0.0. | ||||
| CVE-2025-62961 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in sparklewpthemes Sparkle FSE sparkle-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sparkle FSE: from n/a through <= 1.0.9. | ||||
| CVE-2025-62960 | 2 Sparkle Wp, Wordpress | 2 Construction Light, Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in sparklewpthemes Construction Light construction-light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Construction Light: from n/a through <= 1.6.7. | ||||
| CVE-2025-62958 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Clifton Griffin Simple Content Templates for Blog Posts & Pages simple-post-template allows Cross Site Request Forgery.This issue affects Simple Content Templates for Blog Posts & Pages: from n/a through <= 2.2.61. | ||||
| CVE-2025-62957 | 3 Nikanwp, Woocommerce, Wordpress | 3 Woocommerce Reporting, Woocommerce, Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in NikanWP NikanWP WooCommerce Reporting wc-reports-lite allows Stored XSS.This issue affects NikanWP WooCommerce Reporting: from n/a through <= 1.0.0. | ||||
| CVE-2025-62956 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in iseremet Reloadly reloadly-topup-widget allows Stored XSS.This issue affects Reloadly: from n/a through <= 2.0.1. | ||||
| CVE-2025-62955 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HappyDevs TempTool [Show Current Template Info] current-template-name allows Retrieve Embedded Sensitive Data.This issue affects TempTool [Show Current Template Info]: from n/a through <= 1.3.1. | ||||
| CVE-2025-62954 | 2 Revive, Wordpress | 2 Revive Old Posts, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in rsocial Revive Old Posts tweet-old-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive Old Posts: from n/a through <= 9.3.3. | ||||
| CVE-2025-62953 | 2 Welcart, Wordpress | 2 E-commerce, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcart e-Commerce: from n/a through <= 2.11.24. | ||||
| CVE-2025-62952 | 2 Quantumcloud, Wordpress | 2 Chatbot, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.7.3. | ||||
| CVE-2025-62950 | 2 Contest Gallery, Wordpress | 2 Contest Gallery, Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Cross Site Request Forgery.This issue affects Contest Gallery: from n/a through <= 28.0.0. | ||||
| CVE-2025-62947 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in publitio Publitio publitio allows Retrieve Embedded Sensitive Data.This issue affects Publitio: from n/a through <= 2.2.5. | ||||
| CVE-2025-62946 | 2 Everestthemes, Wordpress | 2 Everest Backup, Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in everestthemes Everest Backup everest-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Everest Backup: from n/a through <= 2.3.8. | ||||