Export limit exceeded: 341858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341858 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47680 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-tidy-tags xili-tidy-tags allows Reflected XSS.This issue affects xili-tidy-tags: from n/a through <= 1.12.06. | ||||
| CVE-2025-47679 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RS WP THEMES RS WP Book Showcase rs-wp-books-showcase allows DOM-Based XSS.This issue affects RS WP Book Showcase: from n/a through <= 6.7.59. | ||||
| CVE-2025-47678 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelCockpit FunnelCockpit funnelcockpit allows Reflected XSS.This issue affects FunnelCockpit: from n/a through <= 1.4.3. | ||||
| CVE-2025-47677 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gt3themes Photo Gallery gt3-photo-video-gallery allows Stored XSS.This issue affects Photo Gallery: from n/a through <= 2.7.7.25. | ||||
| CVE-2025-47676 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Faiyaz Alam User Login History user-login-history allows Stored XSS.This issue affects User Login History: from n/a through <= 2.1.6. | ||||
| CVE-2025-47675 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woobox Woobox woobox allows DOM-Based XSS.This issue affects Woobox: from n/a through <= 1.6. | ||||
| CVE-2025-47674 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Credova Financial Credova_Financial credova-financial allows Cross Site Request Forgery.This issue affects Credova_Financial: from n/a through <= 2.5.0. | ||||
| CVE-2025-47673 | 1 Tychesoftwares | 1 Arconix Shortcodes | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Reflected XSS.This issue affects Arconix Shortcodes: from n/a through <= 2.1.16. | ||||
| CVE-2025-47672 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange miniOrange Discord Integration miniorange-discord-integration allows PHP Local File Inclusion.This issue affects miniOrange Discord Integration: from n/a through <= 2.2.2. | ||||
| CVE-2025-47671 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LETSCMS MLM Software Binary MLM Plan binary-mlm-plan allows SQL Injection.This issue affects Binary MLM Plan: from n/a through <= 3.0. | ||||
| CVE-2025-47670 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through <= 7.6.10. | ||||
| CVE-2025-47669 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap cbxgooglemap allows DOM-Based XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through <= 1.1.12. | ||||
| CVE-2025-47668 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cookiecode CookieCode cookiecode allows Stored XSS.This issue affects CookieCode: from n/a through <= 2.4.4. | ||||
| CVE-2025-47667 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in qusupport LiveAgent liveagent allows Cross Site Request Forgery.This issue affects LiveAgent: from n/a through <= 4.4.7. | ||||
| CVE-2025-47665 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bistromatic N360 | Splash Screen n360-splash-screen allows Stored XSS.This issue affects N360 | Splash Screen: from n/a through <= 1.0.6. | ||||
| CVE-2025-47662 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woobox Woobox woobox allows Stored XSS.This issue affects Woobox: from n/a through <= 1.6. | ||||
| CVE-2025-47661 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in codemstory 워드프레스 결제 심플페이 pgall-for-woocommerce allows Cross Site Request Forgery.This issue affects 워드프레스 결제 심플페이: from n/a through <= 5.2.11. | ||||
| CVE-2025-47660 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in Codexpert, Inc WC Affiliate wc-affiliate allows Object Injection.This issue affects WC Affiliate: from n/a through <= 2.16. | ||||
| CVE-2025-47659 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows Stored XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through <= 1.0.4.3. | ||||
| CVE-2025-47658 | 3 Elextensions, Elula, Wordpress | 3 Elex Wordpress Plugin, Wsdesk, Wordpress | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Upload a Web Shell to a Web Server.This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a through <= 3.2.9. | ||||