Export limit exceeded: 341800 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341800 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341800 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47558 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in RomanCode MapSVG mapsvg allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MapSVG: from n/a through < 8.6.13. | ||||
| CVE-2025-47557 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RomanCode MapSVG mapsvg allows Stored XSS.This issue affects MapSVG: from n/a through <= 8.5.31. | ||||
| CVE-2025-47556 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in QuanticaLabs CSS3 Compare Pricing Tables for WordPress css3_web_pricing_tables_grids allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CSS3 Compare Pricing Tables for WordPress: from n/a through <= 11.6. | ||||
| CVE-2025-47554 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs CSS3 Compare Pricing Tables for WordPress css3_web_pricing_tables_grids allows Reflected XSS.This issue affects CSS3 Compare Pricing Tables for WordPress: from n/a through <= 11.6. | ||||
| CVE-2025-47551 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ctltwp Wiki Embed wiki-embed allows Cross Site Request Forgery.This issue affects Wiki Embed: from n/a through <= 1.4.6. | ||||
| CVE-2025-47550 | 1 Themefic | 1 Instantio | 2026-04-01 | 7.2 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio instantio allows Upload a Web Shell to a Web Server.This issue affects Instantio: from n/a through <= 3.3.16. | ||||
| CVE-2025-47549 | 1 Themefic | 1 Ultimate Before After Image Slider \& Gallery | 2026-04-01 | 7.2 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF beaf-before-and-after-gallery allows Upload a Web Shell to a Web Server.This issue affects BEAF: from n/a through <= 4.6.10. | ||||
| CVE-2025-47548 | 1 Wbcomdesigns | 1 Activity Link Preview For Buddypress | 2026-04-01 | 9.8 Critical |
| Server-Side Request Forgery (SSRF) vulnerability in Varun Dubey Wbcom Designs - Activity Link Preview For BuddyPress activity-link-preview-for-buddypress allows Server Side Request Forgery.This issue affects Wbcom Designs - Activity Link Preview For BuddyPress: from n/a through <= 1.4.4. | ||||
| CVE-2025-47547 | 1 Sendpulse | 1 Sendpulse Email Marketing Newsletter | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter sendpulse-email-marketing-newsletter allows Stored XSS.This issue affects SendPulse Email Marketing Newsletter: from n/a through <= 2.1.6. | ||||
| CVE-2025-47546 | 1 Wpcompress | 1 Wp Compress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Cross Site Request Forgery.This issue affects WP Compress: from n/a through <= 6.30.30. | ||||
| CVE-2025-47545 | 1 Ays-pro | 1 Poll Maker | 2026-04-01 | 8.1 High |
| Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through <= 5.7.7. | ||||
| CVE-2025-47544 | 1 Acowebs | 1 Dynamic Pricing With Discount Rules For Woocommerce | 2026-04-01 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic-pricing allows Blind SQL Injection.This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through <= 4.5.8. | ||||
| CVE-2025-47543 | 1 Themetechmount | 1 Truebooker | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Cross Site Request Forgery.This issue affects TrueBooker: from n/a through <= 1.0.7. | ||||
| CVE-2025-47542 | 1 Migaweb | 1 Simple Calendar For Elementor | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Michael Simple calendar for Elementor simple-calendar-for-elementor allows Cross Site Request Forgery.This issue affects Simple calendar for Elementor: from n/a through <= 1.6.5. | ||||
| CVE-2025-47541 | 2026-04-01 | N/A | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in WPFunnels Mail Mint mail-mint allows Retrieve Embedded Sensitive Data.This issue affects Mail Mint: from n/a through <= 1.17.7. | ||||
| CVE-2025-47540 | 1 Wedevs | 1 Wemail | 2026-04-01 | 7.5 High |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through <= 1.14.13. | ||||
| CVE-2025-47539 | 1 Themewinter | 1 Eventin | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in Arraytics Eventin wp-event-solution allows Privilege Escalation.This issue affects Eventin: from n/a through <= 4.0.26. | ||||
| CVE-2025-47538 | 1 Wpdever | 1 Cart Tracking For Woocommerce | 2026-04-01 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdever Cart tracking for WooCommerce cart-tracking-for-woocommerce allows SQL Injection.This issue affects Cart tracking for WooCommerce: from n/a through <= 1.0.17. | ||||
| CVE-2025-47537 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows SQL Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through <= 5.3.8. | ||||
| CVE-2025-47536 | 2 Keywordrush, Wordpress | 2 Content Egg, Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in keywordrush Content Egg content-egg allows Object Injection.This issue affects Content Egg: from n/a through <= 7.0.0. | ||||