Export limit exceeded: 341833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341833 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39402 | 2 Mojoomla, Wordpress | 2 Wpams Plugin, Worpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). | ||||
| CVE-2025-39401 | 2 Mojoomla, Wordpress | 2 Wpams Plugin, Wordpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). | ||||
| CVE-2025-39400 | 1 Wpeverest | 2 User Registration, User Registration \& Membership | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration user-registration allows Reflected XSS.This issue affects User Registration: from n/a through < 4.2.0. | ||||
| CVE-2025-39399 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashraful Sarkar Naiem License For Envato license-envato allows PHP Local File Inclusion.This issue affects License For Envato: from n/a through <= 1.0.0. | ||||
| CVE-2025-39398 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Themovation Bellevue bellevuex.This issue affects Bellevue: from n/a through <= 4.2.2. | ||||
| CVE-2025-39397 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus@hotmail.com Anything Popup anything-popup allows Reflected XSS.This issue affects Anything Popup: from n/a through <= 7.3. | ||||
| CVE-2025-39396 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through <= 2.3.6. | ||||
| CVE-2025-39395 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPAMS apartment-management allows SQL Injection.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). | ||||
| CVE-2025-39393 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla Hospital Management System hospital-management allows Reflected XSS.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023). | ||||
| CVE-2025-39392 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla WPAMS apartment-management allows Reflected XSS.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). | ||||
| CVE-2025-39391 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zamartz Checkout Field Visibility for WooCommerce checkout-field-visibility-for-woocommerce allows PHP Local File Inclusion.This issue affects Checkout Field Visibility for WooCommerce: from n/a through <= 1.3.0. | ||||
| CVE-2025-39390 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booking and Rental Manager: from n/a through <= 2.3.6. | ||||
| CVE-2025-39387 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpoperations Opstore opstore allows PHP Local File Inclusion.This issue affects Opstore: from n/a through <= 1.4.5. | ||||
| CVE-2025-39386 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla Hospital Management System hospital-management allows SQL Injection.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023). | ||||
| CVE-2025-39385 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in vowelweb Sirat sirat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sirat: from n/a through <= 1.5.1. | ||||
| CVE-2025-39384 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cedcommerce Product Lister for eBay product-lister-ebay allows PHP Local File Inclusion.This issue affects Product Lister for eBay: from n/a through <= 2.0.9. | ||||
| CVE-2025-39383 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in codeworkweb Xews Lite xews-lite allows PHP Local File Inclusion.This issue affects Xews Lite: from n/a through <= 1.0.9. | ||||
| CVE-2025-39382 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in danielpataki ACF: Google Font Selector acf-google-font-selector-field allows Reflected XSS.This issue affects ACF: Google Font Selector: from n/a through <= 3.0.1. | ||||
| CVE-2025-39380 | 2 Hospital Management System, Wordpress | 2 Hospital Management System, Wordpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System hospital-management allows Upload a Web Shell to a Web Server.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023). | ||||
| CVE-2025-39379 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Capturly Capturly capturly-optimize-your-website allows PHP Local File Inclusion.This issue affects Capturly: from n/a through <= 2.0.1. | ||||