Export limit exceeded: 341835 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341835 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47602 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in ammarahmad786 Calculate Prices based on Distance For WooCommerce calculate-prices-based-on-distance-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Calculate Prices based on Distance For WooCommerce: from n/a through <= 1.3.5. | ||||
| CVE-2025-47601 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks maxi-blocks allows Privilege Escalation.This issue affects MaxiBlocks: from n/a through <= 2.1.0. | ||||
| CVE-2025-47599 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in facturante Facturante facturante allows SQL Injection.This issue affects Facturante: from n/a through <= 1.11. | ||||
| CVE-2025-47598 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in click5 History Log by click5 history-log-by-click5 allows Stored XSS.This issue affects History Log by click5: from n/a through <= 1.0.13. | ||||
| CVE-2025-47597 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Maulik Vora WP Podcasts Manager wp-podcasts-manager allows Cross Site Request Forgery.This issue affects WP Podcasts Manager: from n/a through <= 1.3. | ||||
| CVE-2025-47596 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Cross Site Request Forgery.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through <= 1.5.8. | ||||
| CVE-2025-47595 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darshan Saroya Color Your Bar color-your-bar allows Stored XSS.This issue affects Color Your Bar: from n/a through <= 2.0. | ||||
| CVE-2025-47593 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonas Hjalmarsson Really Simple Under Construction Page really-simple-under-construction allows Stored XSS.This issue affects Really Simple Under Construction Page: from n/a through <= 1.4.6. | ||||
| CVE-2025-47592 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Árpád Lehel Mátyus Terms Popup On User Login terms-popup-on-user-login allows Stored XSS.This issue affects Terms Popup On User Login: from n/a through <= 2.0.8. | ||||
| CVE-2025-47591 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in CreedAlly Bulk Featured Image bulk-featured-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Featured Image: from n/a through <= 1.2.4. | ||||
| CVE-2025-47590 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in JExtensions Store WPSpeed wpspeed allows Cross Site Request Forgery.This issue affects WPSpeed: from n/a through <= 2.6.5. | ||||
| CVE-2025-47589 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in motov.net Ebook Store ebook-store allows DOM-Based XSS.This issue affects Ebook Store: from n/a through <= 5.8009. | ||||
| CVE-2025-47587 | 1 Yaycommerce | 1 Yaysmtp | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YaySMTP yaysmtp allows Blind SQL Injection.This issue affects YaySMTP: from n/a through <= 2.6.4. | ||||
| CVE-2025-47586 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Motors - Events stm-motors-events allows PHP Local File Inclusion.This issue affects Motors - Events: from n/a through <= 1.4.7. | ||||
| CVE-2025-47585 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booking and Rental Manager: from n/a through <= 2.3.8. | ||||
| CVE-2025-47583 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Cross Site Request Forgery.This issue affects Salon booking system: from n/a through <= 10.16. | ||||
| CVE-2025-47581 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through <= 2.6.0. | ||||
| CVE-2025-47580 | 1 Etoilewebdesign | 1 Front End Users | 2026-04-01 | 9.8 Critical |
| Missing Authorization vulnerability in Rustaurius Front End Users front-end-only-users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Front End Users: from n/a through <= 3.2.35. | ||||
| CVE-2025-47579 | 2 Themegoods, Wordpress | 2 Photography, Wordpress | 2026-04-01 | 8.1 High |
| Deserialization of Untrusted Data vulnerability in ThemeGoods Photography photography allows Object Injection.This issue affects Photography: from n/a through <= 7.7.2. | ||||
| CVE-2025-47578 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edward Caissie BNS Twitter Follow Button bns-twitter-follow-button allows DOM-Based XSS.This issue affects BNS Twitter Follow Button: from n/a through <= 0.3.8. | ||||