Export limit exceeded: 341835 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341835 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32674 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Product Excel Import Export & Bulk Edit for WooCommerce webd-woocommerce-product-excel-importer-bulk-edit allows Reflected XSS.This issue affects Product Excel Import Export & Bulk Edit for WooCommerce: from n/a through <= 4.7. | ||||
| CVE-2025-32673 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in epeken Epeken All Kurir epeken-all-kurir allows Stored XSS.This issue affects Epeken All Kurir: from n/a through <= 2.0.6. | ||||
| CVE-2025-32672 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Ultimate Bootstrap Elements for Elementor ultimate-bootstrap-elements-for-elementor allows PHP Local File Inclusion.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through <= 1.4.9. | ||||
| CVE-2025-32671 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in John Weissberg Print Science Designer print-science-designer allows Path Traversal.This issue affects Print Science Designer: from n/a through <= 1.3.155. | ||||
| CVE-2025-32670 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark Parnell Spark GF Failed Submissions spark-gf-failed-submissions allows Reflected XSS.This issue affects Spark GF Failed Submissions: from n/a through <= 1.3.5. | ||||
| CVE-2025-32669 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in MERGADO Mergado Pack mergado-marketing-pack allows Stored XSS.This issue affects Mergado Pack: from n/a through <= 4.2.1. | ||||
| CVE-2025-32668 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows PHP Local File Inclusion.This issue affects Real Estate Manager: from n/a through <= 7.3. | ||||
| CVE-2025-32667 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in fromdoppler Doppler Forms doppler-form allows Stored XSS.This issue affects Doppler Forms: from n/a through <= 2.5.1. | ||||
| CVE-2025-32666 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hive Support Hive Support hive-support allows Reflected XSS.This issue affects Hive Support: from n/a through <= 1.2.5. | ||||
| CVE-2025-32665 | 2 Webbytemplate, Wordpress | 2 Office Locator, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebbyTemplate Office Locator office-locator allows SQL Injection.This issue affects Office Locator: from n/a through <= 1.3.0. | ||||
| CVE-2025-32664 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ashokbasnet Nepali Date Utilities nepali-date-utilities allows Stored XSS.This issue affects Nepali Date Utilities: from n/a through <= 1.0.15. | ||||
| CVE-2025-32663 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Cooming Soon fat-coming-soon allows PHP Local File Inclusion.This issue affects FAT Cooming Soon: from n/a through <= 1.1. | ||||
| CVE-2025-32662 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through <= 2.2.0. | ||||
| CVE-2025-32661 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive US Map interactive-us-map allows Stored XSS.This issue affects Interactive US Map: from n/a through <= 2.7. | ||||
| CVE-2025-32660 | 2 Joomsky, Wordpress | 2 Js Job Manager, Wordpress | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in JoomSky JS Job Manager js-jobs allows Upload a Web Shell to a Web Server.This issue affects JS Job Manager: from n/a through <= 2.0.2. | ||||
| CVE-2025-32659 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in fraudlabspro FraudLabs Pro for WooCommerce fraudlabs-pro-for-woocommerce allows Stored XSS.This issue affects FraudLabs Pro for WooCommerce: from n/a through <= 2.22.8. | ||||
| CVE-2025-32658 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in wpWax HelpGent helpgent allows Object Injection.This issue affects HelpGent: from n/a through <= 2.2.5. | ||||
| CVE-2025-32656 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Testimonial Slider And Showcase Pro testimonial-slider-showcase-pro allows PHP Local File Inclusion.This issue affects Testimonial Slider And Showcase Pro: from n/a through <= 2.3.15. | ||||
| CVE-2025-32655 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in DevriX Restrict User Registration restrict-user-registration allows Stored XSS.This issue affects Restrict User Registration: from n/a through <= 1.0.1. | ||||
| CVE-2025-32654 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Stylemix Motors motors-car-dealership-classified-listings allows PHP Local File Inclusion.This issue affects Motors: from n/a through <= 1.4.71. | ||||