Export limit exceeded: 341817 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341817 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25112 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kareemsultan Social Links social-links allows Command Line Execution through SQL Injection.This issue affects Social Links: from n/a through <= 1.2. | ||||
| CVE-2025-25111 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check WP Spell Check wp-spell-check allows Cross Site Request Forgery.This issue affects WP Spell Check: from n/a through <= 9.21. | ||||
| CVE-2025-25110 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Metagauss Event Kikfyre kikfyre-events-calendar-tickets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Kikfyre: from n/a through <= 2.1.8. | ||||
| CVE-2025-25109 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky WP Vehicle Manager js-vehicle-manager allows PHP Local File Inclusion.This issue affects WP Vehicle Manager: from n/a through <= 3.1. | ||||
| CVE-2025-25108 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shalomworld SW Plus shalom-world-media-gallery allows Reflected XSS.This issue affects SW Plus: from n/a through <= 2.1. | ||||
| CVE-2025-25107 | 2 Sainwp, Wordpress | 2 Onestore Sites, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in sainwp OneStore Sites onestore-sites allows Cross Site Request Forgery.This issue affects OneStore Sites: from n/a through <= 0.1.1. | ||||
| CVE-2025-25106 | 2 Fancywp, Wordpress | 2 Starter Templates, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in FancyWP Starter Templates by FancyWP starter-templates allows Cross Site Request Forgery.This issue affects Starter Templates by FancyWP: from n/a through <= 2.0.0. | ||||
| CVE-2025-25105 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in coffeestudios Pop Up popup-seo-optimized allows Stored XSS.This issue affects Pop Up: from n/a through <= 0.1. | ||||
| CVE-2025-25104 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in mraliende URL-Preview-Box good-url-preview-box allows Cross Site Request Forgery.This issue affects URL-Preview-Box: from n/a through <= 1.20. | ||||
| CVE-2025-25103 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Indeed API indeed-api allows Cross Site Request Forgery.This issue affects Indeed API: from n/a through <= 0.5. | ||||
| CVE-2025-25102 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh Harrison Yahoo BOSS yahoo-boss allows Reflected XSS.This issue affects Yahoo BOSS: from n/a through <= 0.7. | ||||
| CVE-2025-25101 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in MetricThemes Munk Sites munk-sites allows Cross Site Request Forgery.This issue affects Munk Sites: from n/a through <= 1.0.7. | ||||
| CVE-2025-25100 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in victoracano Cazamba cazamba allows Reflected XSS.This issue affects Cazamba: from n/a through <= 1.2. | ||||
| CVE-2025-25099 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in accreteinfosolution Appointment Buddy Widget appointment-buddy-online-appointment-booking-by-accrete allows Cross-Site Scripting (XSS).This issue affects Appointment Buddy Widget: from n/a through <= 1.2. | ||||
| CVE-2025-25098 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zack Katz Links in Captions links-in-captions allows Stored XSS.This issue affects Links in Captions: from n/a through <= 1.2. | ||||
| CVE-2025-25097 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kwiliarty External Video For Everybody external-video-for-everybody allows Stored XSS.This issue affects External Video For Everybody: from n/a through <= 2.1.1. | ||||
| CVE-2025-25096 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in titusbicknell RSS in Page rss-in-page allows Stored XSS.This issue affects RSS in Page: from n/a through <= 2.9.1. | ||||
| CVE-2025-25095 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reverbnationdev ReverbNation Widgets reverbnation-widgets allows Stored XSS.This issue affects ReverbNation Widgets: from n/a through <= 2.1. | ||||
| CVE-2025-25094 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amitythemes.com Breaking News Ticker breaking-news-ticker allows Stored XSS.This issue affects Breaking News Ticker: from n/a through <= 2.4.4. | ||||
| CVE-2025-25093 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in paulswarthout Child Themes Helper child-themes-helper allows Path Traversal.This issue affects Child Themes Helper: from n/a through <= 2.2.7. | ||||