Export limit exceeded: 341858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341858 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47612 | 1 Flowdee | 1 Clickwhale | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in ClickWhale ClickWhale clickwhale allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ClickWhale: from n/a through <= 2.4.6. | ||||
| CVE-2025-47611 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Khaled User Meta user-meta allows Reflected XSS.This issue affects User Meta: from n/a through <= 3.1.2. | ||||
| CVE-2025-47610 | 3 Wetail, Woocommerce, Wordpress | 3 Woocommerce Fortnox Integration, Woocommerce, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wetail WooCommerce Fortnox Integration woocommerce-fortnox-integration allows Stored XSS.This issue affects WooCommerce Fortnox Integration: from n/a through <= 4.5.6. | ||||
| CVE-2025-47609 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in easymebiz EasyMe Connect easyme-connect allows Cross Site Request Forgery.This issue affects EasyMe Connect: from n/a through <= 3.0.3. | ||||
| CVE-2025-47608 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce recover-wc-abandoned-cart allows SQL Injection.This issue affects Recover abandoned cart for WooCommerce: from n/a through <= 2.5. | ||||
| CVE-2025-47607 | 1 Appjetty | 1 Show All Comments | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AppJetty Show All Comments show-all-comments-in-one-page allows Stored XSS.This issue affects Show All Comments: from n/a through <= 7.0.1. | ||||
| CVE-2025-47606 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways giveasap allows Cross Site Request Forgery.This issue affects Simple Giveaways: from n/a through <= 2.49.0. | ||||
| CVE-2025-47605 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AppJetty WP jQuery DataTable wp-jquery-datatable allows Stored XSS.This issue affects WP jQuery DataTable: from n/a through <= 4.1.0. | ||||
| CVE-2025-47604 | 2 Data443, Wordpress | 2 Inline Related Posts, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Risk Mitigation, Inc. Inline Related Posts intelly-related-posts allows Stored XSS.This issue affects Inline Related Posts: from n/a through <= 3.8.0. | ||||
| CVE-2025-47603 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Belingo belingoGeo belingogeo allows Path Traversal.This issue affects belingoGeo: from n/a through <= 1.12.0. | ||||
| CVE-2025-47602 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in ammarahmad786 Calculate Prices based on Distance For WooCommerce calculate-prices-based-on-distance-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Calculate Prices based on Distance For WooCommerce: from n/a through <= 1.3.5. | ||||
| CVE-2025-47601 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks maxi-blocks allows Privilege Escalation.This issue affects MaxiBlocks: from n/a through <= 2.1.0. | ||||
| CVE-2025-47599 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in facturante Facturante facturante allows SQL Injection.This issue affects Facturante: from n/a through <= 1.11. | ||||
| CVE-2025-47598 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in click5 History Log by click5 history-log-by-click5 allows Stored XSS.This issue affects History Log by click5: from n/a through <= 1.0.13. | ||||
| CVE-2025-47597 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Maulik Vora WP Podcasts Manager wp-podcasts-manager allows Cross Site Request Forgery.This issue affects WP Podcasts Manager: from n/a through <= 1.3. | ||||
| CVE-2025-47596 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Cross Site Request Forgery.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through <= 1.5.8. | ||||
| CVE-2025-47595 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darshan Saroya Color Your Bar color-your-bar allows Stored XSS.This issue affects Color Your Bar: from n/a through <= 2.0. | ||||
| CVE-2025-47593 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonas Hjalmarsson Really Simple Under Construction Page really-simple-under-construction allows Stored XSS.This issue affects Really Simple Under Construction Page: from n/a through <= 1.4.6. | ||||
| CVE-2025-47592 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Árpád Lehel Mátyus Terms Popup On User Login terms-popup-on-user-login allows Stored XSS.This issue affects Terms Popup On User Login: from n/a through <= 2.0.8. | ||||
| CVE-2025-47591 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in CreedAlly Bulk Featured Image bulk-featured-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Featured Image: from n/a through <= 1.2.4. | ||||