Export limit exceeded: 341858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341858 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-28881 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in mg12 Mobile Themes wp-mobile-themes allows Cross Site Request Forgery.This issue affects Mobile Themes: from n/a through <= 1.1.1. | ||||
| CVE-2025-28880 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through <= 1.7.4. | ||||
| CVE-2025-28879 | 1 Aumsrini | 1 Bee Layer Slider | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aumsrini Bee Layer Slider bee-layer-slider allows Stored XSS.This issue affects Bee Layer Slider: from n/a through <= 1.1. | ||||
| CVE-2025-28878 | 1 Willbrubaker | 1 Awesome Surveys | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Will Brubaker Awesome Surveys awesome-surveys allows Stored XSS.This issue affects Awesome Surveys: from n/a through <= 2.0.10. | ||||
| CVE-2025-28877 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in m.tiggelaar Key4ce osTicket Bridge key4ce-osticket-bridge allows Reflected XSS.This issue affects Key4ce osTicket Bridge: from n/a through <= 1.4.0. | ||||
| CVE-2025-28876 | 1 Skrill | 1 Skrill | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Skrill_Team Skrill Official official-skrill-woocommerce allows Cross Site Request Forgery.This issue affects Skrill Official: from n/a through <= 1.0.66. | ||||
| CVE-2025-28875 | 1 Shanebp | 1 Bp Email Assign Templates | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shanebp BP Email Assign Templates bp-email-assign-templates allows Stored XSS.This issue affects BP Email Assign Templates: from n/a through <= 1.6. | ||||
| CVE-2025-28874 | 1 Shanebp | 1 Bp Email Assign Templates | 2026-04-01 | 4.9 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in shanebp BP Email Assign Templates bp-email-assign-templates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BP Email Assign Templates: from n/a through <= 1.7. | ||||
| CVE-2025-28873 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Scott Taylor Shuffle shuffle allows Blind SQL Injection.This issue affects Shuffle: from n/a through <= 0.5. | ||||
| CVE-2025-28872 | 1 Jwpegram | 1 Block Spam By Math Reloaded | 2026-04-01 | 9.8 Critical |
| Missing Authorization vulnerability in jwpegram Block Spam By Math Reloaded block-spam-by-math-reloaded allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Block Spam By Math Reloaded: from n/a through <= 2.2.4. | ||||
| CVE-2025-28871 | 1 Jwpegram | 1 Block Spam By Math Reloaded | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jwpegram Block Spam By Math Reloaded block-spam-by-math-reloaded allows Stored XSS.This issue affects Block Spam By Math Reloaded: from n/a through <= 2.2.4. | ||||
| CVE-2025-28870 | 1 Amocrm | 1 Amocrm | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in amocrm amoCRM WebForm amocrm-webform allows DOM-Based XSS.This issue affects amoCRM WebForm: from n/a through <= 1.1. | ||||
| CVE-2025-28869 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shauno NextGEN Gallery Voting nextgen-gallery-voting allows Reflected XSS.This issue affects NextGEN Gallery Voting: from n/a through <= 2.7.6. | ||||
| CVE-2025-28868 | 1 Condenast | 1 Ziplist Recipe | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ZipList ZipList Recipe ziplist-recipe-plugin allows Cross Site Request Forgery.This issue affects ZipList Recipe: from n/a through <= 3.1. | ||||
| CVE-2025-28867 | 1 Stesvis | 1 Frontpage Category Filter | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in stesvis Frontpage category filter frontpage-category-filter allows Cross Site Request Forgery.This issue affects Frontpage category filter: from n/a through <= 1.0.2. | ||||
| CVE-2025-28866 | 1 Smerriman | 1 Login Logger | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in smerriman Login Logger login-logger allows Cross Site Request Forgery.This issue affects Login Logger: from n/a through <= 1.2.1. | ||||
| CVE-2025-28865 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lionelroux WP Colorful Tag Cloud wp-colorful-tag-cloud allows Reflected XSS.This issue affects WP Colorful Tag Cloud: from n/a through <= 2.0.1. | ||||
| CVE-2025-28864 | 1 Planetstudio | 1 Builder For Contact Form 7 | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in planetstudio Builder for Contact Form 7 by Webconstruct cf7-builder allows Cross Site Request Forgery.This issue affects Builder for Contact Form 7 by Webconstruct: from n/a through <= 1.2.2. | ||||
| CVE-2025-28863 | 1 Carlosminatti | 1 Delete Original Image | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Carlos Minatti Delete Original Image delete-original-image allows Cross Site Request Forgery.This issue affects Delete Original Image: from n/a through <= 0.4. | ||||
| CVE-2025-28862 | 1 Venugopal | 1 Comment Date And Gravatar Remover | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Comment Date and Gravatar remover remove-date-and-gravatar-under-comment allows Cross Site Request Forgery.This issue affects Comment Date and Gravatar remover: from n/a through <= 1.0. | ||||