Export limit exceeded: 341925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341925 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-48257 | 2 Projectopia, Wordpress | 2 Projectopia, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Projectopia Projectopia projectopia-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Projectopia: from n/a through <= 5.1.17. | ||||
| CVE-2025-48256 | 1 Xylusthemes | 1 Import Social Events | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events import-facebook-events allows Stored XSS.This issue affects Import Social Events: from n/a through <= 1.8.5. | ||||
| CVE-2025-48255 | 1 Videowhisper | 1 Videowhisper Live Streaming Integration | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in videowhisper Broadcast Live Video videowhisper-live-streaming-integration allows Cross Site Request Forgery.This issue affects Broadcast Live Video: from n/a through <= 6.2.4. | ||||
| CVE-2025-48254 | 1 Wpfactory | 1 Change Add To Cart Button Text For Woocommerce | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Change Add to Cart Button Text for WooCommerce add-to-cart-button-labels-for-woocommerce allows Stored XSS.This issue affects Change Add to Cart Button Text for WooCommerce: from n/a through <= 2.2.2. | ||||
| CVE-2025-48253 | 1 Wpfactory | 1 Free Shipping Bar | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce amount-left-free-shipping-woocommerce allows Stored XSS.This issue affects Free Shipping Bar: Amount Left for Free Shipping for WooCommerce: from n/a through <= 2.4.6. | ||||
| CVE-2025-48252 | 1 Wpfactory | 1 Back Button Widget | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget back-button-widget allows Stored XSS.This issue affects Back Button Widget: from n/a through <= 1.6.8. | ||||
| CVE-2025-48251 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Emails & Recipients for WooCommerce custom-emails-for-woocommerce allows Stored XSS.This issue affects Additional Custom Emails & Recipients for WooCommerce: from n/a through <= 3.5.1. | ||||
| CVE-2025-48250 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Coupons & Add to Cart by URL Links for WooCommerce url-coupons-for-woocommerce-by-algoritmika allows Stored XSS.This issue affects Coupons & Add to Cart by URL Links for WooCommerce: from n/a through <= 1.7.7. | ||||
| CVE-2025-48249 | 1 Wpfactory | 1 Ean For Woocommerce | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Stored XSS.This issue affects EAN for WooCommerce: from n/a through <= 5.4.6. | ||||
| CVE-2025-48248 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Sitewide Discount for WooCommerce: Apply Discount to All Products global-shop-discount-for-woocommerce allows Stored XSS.This issue affects Sitewide Discount for WooCommerce: Apply Discount to All Products: from n/a through <= 2.2.1. | ||||
| CVE-2025-48247 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Blair Williams Shortlinks by Pretty Links pretty-link allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortlinks by Pretty Links: from n/a through <= 3.6.15. | ||||
| CVE-2025-48246 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in StellarWP The Events Calendar the-events-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Events Calendar: from n/a through <= 6.11.2.1. | ||||
| CVE-2025-48245 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal Quick Contact Form quick-contact-form allows Reflected XSS.This issue affects Quick Contact Form: from n/a through <= 8.2.1. | ||||
| CVE-2025-48244 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor exclusive-addons-for-elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through <= 2.7.9. | ||||
| CVE-2025-48243 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through <= 2.26. | ||||
| CVE-2025-48242 | 1 Wpwax | 1 Legal Pages | 2026-04-01 | N/A |
| Missing Authorization vulnerability in wpWax Legal Pages legal-pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Legal Pages: from n/a through <= 1.4.5. | ||||
| CVE-2025-48241 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Soft8Soft LLC Verge3D verge3d allows Reflected XSS.This issue affects Verge3D: from n/a through <= 4.9.3. | ||||
| CVE-2025-48240 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Cost of Goods for WooCommerce cost-of-goods-for-woocommerce allows Stored XSS.This issue affects Cost of Goods for WooCommerce: from n/a through <= 3.7.0. | ||||
| CVE-2025-48239 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Product Notes Tab & Private Admin Notes for WooCommerce product-notes-for-woocommerce allows Stored XSS.This issue affects Product Notes Tab & Private Admin Notes for WooCommerce: from n/a through <= 3.1.0. | ||||
| CVE-2025-48238 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in awcode AWcode Toolkit awcode-toolkit allows Stored XSS.This issue affects AWcode Toolkit: from n/a through <= 1.0.18. | ||||