Export limit exceeded: 341844 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341844 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30593 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in samsk Include URL include-url allows Stored XSS.This issue affects Include URL: from n/a through <= 0.3.5. | ||||
| CVE-2025-30592 | 2 Westerndeal, Wordpress | 2 Advanced Dewplayer, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in WesternDeal Advanced Dewplayer advanced-dewplayer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Dewplayer: from n/a through <= 1.6. | ||||
| CVE-2025-30591 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in tuyennv Music Press Pro music-press-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Music Press Pro: from n/a through <= 1.4.6. | ||||
| CVE-2025-30590 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dourou Flickr set slideshows flickr-set-slideshows allows SQL Injection.This issue affects Flickr set slideshows: from n/a through <= 0.9. | ||||
| CVE-2025-30589 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dourou Flickr set slideshows flickr-set-slideshows allows SQL Injection.This issue affects Flickr set slideshows: from n/a through <= 0.9. | ||||
| CVE-2025-30588 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ryan_xantoo Map Contact map-contact allows Stored XSS.This issue affects Map Contact: from n/a through <= 3.0.4. | ||||
| CVE-2025-30587 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in shawfactor LH OGP Meta lh-ogp-meta-tags allows Stored XSS.This issue affects LH OGP Meta: from n/a through <= 1.73. | ||||
| CVE-2025-30586 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in bbodine1 cTabs ctabs allows Stored XSS.This issue affects cTabs: from n/a through <= 1.3. | ||||
| CVE-2025-30585 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in marynixie Generate Post Thumbnails generate-post-thumbnails allows Cross Site Request Forgery.This issue affects Generate Post Thumbnails: from n/a through <= 0.8. | ||||
| CVE-2025-30584 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in alphaomegaplugins AlphaOmega Captcha & Anti-Spam Filter alphaomega-captcha-anti-spam allows Stored XSS.This issue affects AlphaOmega Captcha & Anti-Spam Filter: from n/a through <= 3.3. | ||||
| CVE-2025-30583 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ProRankTracker Pro Rank Tracker proranktracker allows Stored XSS.This issue affects Pro Rank Tracker: from n/a through <= 1.0.0. | ||||
| CVE-2025-30582 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in aytechnet DyaPress ERP/CRM dyapress allows PHP Local File Inclusion.This issue affects DyaPress ERP/CRM: from n/a through <= 18.0.2.0. | ||||
| CVE-2025-30581 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in PluginOps Top Bar ultimate-bar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Top Bar: from n/a through <= 3.3. | ||||
| CVE-2025-30580 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Generation of Code ('Code Injection') vulnerability in kellydiek DigiWidgets Image Editor digiwidgets-image-editor allows Remote Code Inclusion.This issue affects DigiWidgets Image Editor: from n/a through <= 1.10. | ||||
| CVE-2025-30579 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jakeii Pesapal Gateway for Woocommerce pesapal-for-woocommerce allows Reflected XSS.This issue affects Pesapal Gateway for Woocommerce: from n/a through <= 2.1.0. | ||||
| CVE-2025-30578 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in hotvanrod AdSense Privacy Policy adsense-privacy-policy allows Stored XSS.This issue affects AdSense Privacy Policy: from n/a through <= 1.1.1. | ||||
| CVE-2025-30577 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in mendibass Browser Address Bar Color browser-address-bar-color allows Stored XSS.This issue affects Browser Address Bar Color: from n/a through <= 3.3. | ||||
| CVE-2025-30576 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Image Autosave hacklog-remote-image-autosave allows Cross Site Request Forgery.This issue affects Hacklog Remote Image Autosave: from n/a through <= 2.1.0. | ||||
| CVE-2025-30575 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arefly Login Redirect login-redirect allows Stored XSS.This issue affects Login Redirect: from n/a through <= 1.0.5. | ||||
| CVE-2025-30574 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jenst Mobile Navigation mobile-navigation allows Stored XSS.This issue affects Mobile Navigation: from n/a through <= 1.5. | ||||