Export limit exceeded: 342040 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342040 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46493 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wordwebsoftware Crossword Compiler Puzzles crossword-compiler-puzzles allows Stored XSS.This issue affects Crossword Compiler Puzzles: from n/a through <= 14.5. | ||||
| CVE-2025-46492 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog call-now-coccoc-pht-blog allows Stored XSS.This issue affects Call Now PHT Blog: from n/a through <= 2.4.1. | ||||
| CVE-2025-46491 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matthew Muro Multi-Column Taxonomy List multi-column-taxonomy-list allows Stored XSS.This issue affects Multi-Column Taxonomy List: from n/a through <= 1.5. | ||||
| CVE-2025-46490 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in wordwebsoftware Crossword Compiler Puzzles crossword-compiler-puzzles allows Upload a Web Shell to a Web Server.This issue affects Crossword Compiler Puzzles: from n/a through <= 5.2. | ||||
| CVE-2025-46489 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in vinodvaswani9 Bulk Assign Linked Products For WooCommerce wc-bulk-assign-linked-products allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bulk Assign Linked Products For WooCommerce: from n/a through <= 2.1. | ||||
| CVE-2025-46488 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in dastan800 Visual Builder visual-builder allows Reflected XSS.This issue affects Visual Builder: from n/a through <= 1.2.2. | ||||
| CVE-2025-46487 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sftranna EC Authorize.net ec-authorizenet allows Reflected XSS.This issue affects EC Authorize.net: from n/a through <= 0.3.3. | ||||
| CVE-2025-46486 | 2026-04-01 | N/A | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in totalprocessing Nomupay Payment Processing Gateway totalprocessing-card-payments allows Path Traversal.This issue affects Nomupay Payment Processing Gateway: from n/a through <= 7.1.7. | ||||
| CVE-2025-46485 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Customize Login Page: from n/a through <= 1.6.5. | ||||
| CVE-2025-46484 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nasir179125 Image Hover Effects For WPBakery Page Builder image-hover-effects-for-visual-composer allows DOM-Based XSS.This issue affects Image Hover Effects For WPBakery Page Builder: from n/a through <= 2.0. | ||||
| CVE-2025-46483 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Moss Peadig’s Google +1 Button google-1 allows DOM-Based XSS.This issue affects Peadig’s Google +1 Button: from n/a through <= 0.1.2. | ||||
| CVE-2025-46482 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MyThemeShop WP Quiz wp-quiz allows Stored XSS.This issue affects WP Quiz: from n/a through <= 2.0.10. | ||||
| CVE-2025-46481 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in Michael Cannon Flickr Shortcode Importer flickr-shortcode-importer allows Object Injection.This issue affects Flickr Shortcode Importer: from n/a through <= 2.2.3. | ||||
| CVE-2025-46480 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Padam Shankhadev Nepali Post Date nepali-post-date allows Stored XSS.This issue affects Nepali Post Date: from n/a through <= 5.1.1. | ||||
| CVE-2025-46479 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevynCJohnson BBCode Deluxe bbcode-deluxe allows DOM-Based XSS.This issue affects BBCode Deluxe: from n/a through <= 2020.08.01.2. | ||||
| CVE-2025-46478 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in metaloha Dropdown Content dropdown-content allows Stored XSS.This issue affects Dropdown Content: from n/a through <= 1.0.2. | ||||
| CVE-2025-46477 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through <= 1.6.5. | ||||
| CVE-2025-46476 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nayon46 Awesome Wp Image Gallery awesome-wp-image-gallery allows Stored XSS.This issue affects Awesome Wp Image Gallery: from n/a through <= 1.0. | ||||
| CVE-2025-46475 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Dolson Able Player ableplayer allows DOM-Based XSS.This issue affects Able Player: from n/a through <= 1.2.1. | ||||
| CVE-2025-46474 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SEUR OFICIAL SEUR Oficial seur allows PHP Local File Inclusion.This issue affects SEUR Oficial: from n/a through <= 2.2.23. | ||||