Export limit exceeded: 17348 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341800 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341800 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341800 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25172 | 2 Beeteam368, Wordpress | 2 Vidmov, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in beeteam368 VidMov vidmov allows PHP Local File Inclusion.This issue affects VidMov: from n/a through <= 1.9.4. | ||||
| CVE-2025-25171 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Convers Lab WP SmartPay smartpay allows Authentication Abuse.This issue affects WP SmartPay: from n/a through <= 2.7.13. | ||||
| CVE-2025-25170 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DotsquaresLtd Migrate Posts migrate-post allows Reflected XSS.This issue affects Migrate Posts: from n/a through <= 1.0. | ||||
| CVE-2025-25169 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rachel Cherry Authors Autocomplete Meta Box authors-autocomplete-meta-box allows Reflected XSS.This issue affects Authors Autocomplete Meta Box: from n/a through <= 1.2. | ||||
| CVE-2025-25168 | 1 Blackandwhitedigital | 1 Bookpress | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Black and White BookPress – For Book Authors book-press allows Cross-Site Scripting (XSS).This issue affects BookPress – For Book Authors: from n/a through <= 1.2.7. | ||||
| CVE-2025-25167 | 1 Blackandwhitedigital | 1 Bookpress | 2026-04-01 | 9.8 Critical |
| Missing Authorization vulnerability in Black and White BookPress – For Book Authors book-press allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BookPress – For Book Authors: from n/a through <= 1.2.7. | ||||
| CVE-2025-25166 | 1 Gabrieldarezzo | 1 Inlocation | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation inlocation allows Stored XSS.This issue affects InLocation: from n/a through <= 1.8. | ||||
| CVE-2025-25165 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in richardgabriel Staff Directory Plugin: Company Directory staff-directory-pro allows Stored XSS.This issue affects Staff Directory Plugin: Company Directory: from n/a through <= 4.3. | ||||
| CVE-2025-25164 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yuichiro ABE Meta Accelerator meta-accelerator allows Reflected XSS.This issue affects Meta Accelerator: from n/a through <= 1.0.4. | ||||
| CVE-2025-25163 | 1 Pluginab | 1 Plugin A\/b Image Optimizer | 2026-04-01 | 9.8 Critical |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zach Swetz Plugin A/B Image Optimizer images-optimizer allows Path Traversal.This issue affects Plugin A/B Image Optimizer: from n/a through <= 3.3. | ||||
| CVE-2025-25162 | 2026-04-01 | N/A | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in kutu62 Sports Rankings and Lists sports-rankings-lists allows Absolute Path Traversal.This issue affects Sports Rankings and Lists: from n/a through <= 1.0.2. | ||||
| CVE-2025-25161 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SocialEvolution WP Find Your Nearest wp-find-your-nearest allows Reflected XSS.This issue affects WP Find Your Nearest: from n/a through <= 0.3.1. | ||||
| CVE-2025-25160 | 1 Markbarnes | 1 Style Tweaker | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker style-tweaker allows Stored XSS.This issue affects Style Tweaker: from n/a through <= 0.11. | ||||
| CVE-2025-25159 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robert_kolatzek WP doodlez wpdoodlez allows Stored XSS.This issue affects WP doodlez: from n/a through <= 1.0.10. | ||||
| CVE-2025-25158 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Antonio Sanchez Uncomplicated SEO uncomplicated-seo allows Reflected XSS.This issue affects Uncomplicated SEO: from n/a through <= 1.2. | ||||
| CVE-2025-25157 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpchurchteam WP Church Center wp-church-center allows Reflected XSS.This issue affects WP Church Center: from n/a through <= 1.3.3. | ||||
| CVE-2025-25156 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Stanko Metodiev Quote Comments quote-comments allows Stored XSS.This issue affects Quote Comments: from n/a through <= 3.0.0. | ||||
| CVE-2025-25155 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in efreja Music Sheet Viewer music-sheet-viewer allows Path Traversal.This issue affects Music Sheet Viewer: from n/a through <= 4.1. | ||||
| CVE-2025-25154 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in scweber Custom Comment Notifications custom-comment-notifications allows Stored XSS.This issue affects Custom Comment Notifications: from n/a through <= 1.0.8. | ||||
| CVE-2025-25153 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in djjmz Simple Auto Tag simple-auto-tag allows Stored XSS.This issue affects Simple Auto Tag: from n/a through <= 1.1. | ||||