Export limit exceeded: 341925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341925 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30984 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dzynit SEO Tools seo-automatic-seo-tools allows Reflected XSS.This issue affects SEO Tools: from n/a through <= 4.0.7. | ||||
| CVE-2025-30983 | 2 Gopiplus, Wordpress | 2 Wp Image Slideshow, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through <= 1.5. | ||||
| CVE-2025-30982 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zookatron MyBookProgress by Stormhill Media mybookprogress allows Stored XSS.This issue affects MyBookProgress by Stormhill Media: from n/a through <= 1.0.8. | ||||
| CVE-2025-30980 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link simple-keyword-to-link allows Cross Site Request Forgery.This issue affects Simple Keyword to Link: from n/a through <= 1.5. | ||||
| CVE-2025-30979 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Pixelating image slideshow gallery pixelating-image-slideshow-gallery allows SQL Injection.This issue affects Pixelating image slideshow gallery: from n/a through <= 8.0. | ||||
| CVE-2025-30978 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Dor Zuberi Slack Notifications by dorzki dorzki-notifications-to-slack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slack Notifications by dorzki: from n/a through <= 2.0.7. | ||||
| CVE-2025-30977 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chaport Live Chat Chaport chaport allows Stored XSS.This issue affects Chaport: from n/a through <= 1.1.6. | ||||
| CVE-2025-30976 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in wpdive Nexa Blocks nexa-blocks allows Server Side Request Forgery.This issue affects Nexa Blocks: from n/a through <= 1.1.1. | ||||
| CVE-2025-30975 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Generation of Code ('Code Injection') vulnerability in SaifuMak Add Custom Codes add-custom-codes allows Code Injection.This issue affects Add Custom Codes: from n/a through <= 4.80. | ||||
| CVE-2025-30974 | 2 Addonmaster, Wordpress | 2 Post Grid Master, Wordpress | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Akhtarujjaman Shuvo Post Grid Master ajax-filter-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid Master: from n/a through <= 3.4.17. | ||||
| CVE-2025-30973 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS coschool allows Object Injection.This issue affects CoSchool LMS: from n/a through <= 1.4.3. | ||||
| CVE-2025-30972 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iamapinan Woocommerce Line Notify woo-line-notify allows Stored XSS.This issue affects Woocommerce Line Notify: from n/a through <= 1.1.7. | ||||
| CVE-2025-30971 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xavi Ivars XV Random Quotes xv-random-quotes allows SQL Injection.This issue affects XV Random Quotes: from n/a through <= 2.0.0. | ||||
| CVE-2025-30970 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scottwallick Easy Contact easy-contact allows Reflected XSS.This issue affects Easy Contact: from n/a through <= 0.1.2. | ||||
| CVE-2025-30969 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus iFrame Images Gallery wp-iframe-images-gallery allows SQL Injection.This issue affects iFrame Images Gallery: from n/a through <= 9.0. | ||||
| CVE-2025-30968 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in jokerbr313 Advanced Post List advanced-post-list allows Cross Site Request Forgery.This issue affects Advanced Post List: from n/a through <= 0.5.6.2. | ||||
| CVE-2025-30964 | 2026-04-01 | N/A | ||
| Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods Photography photography allows Server Side Request Forgery.This issue affects Photography: from n/a through < 7.7.6. | ||||
| CVE-2025-30963 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows DOM-Based XSS.This issue affects JetSmartFilters: from n/a through <= 3.6.3. | ||||
| CVE-2025-30962 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fs-code FS Poster fs-poster allows Reflected XSS.This issue affects FS Poster: from n/a through <= 6.5.8. | ||||
| CVE-2025-30961 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tinuzz Trackserver trackserver allows DOM-Based XSS.This issue affects Trackserver: from n/a through <= 5.1.0. | ||||