Export limit exceeded: 342229 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342229 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47647 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Sidebar Manager Light sidebar-manager-light allows Cross Site Request Forgery.This issue affects Sidebar Manager Light: from n/a through <= 1.18. | ||||
| CVE-2025-47646 | 2026-04-01 | N/A | ||
| Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration psw-login-and-registration allows Password Recovery Exploitation.This issue affects PSW Front-end Login & Registration: from n/a through <= 1.13. | ||||
| CVE-2025-47645 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes elex-bulk-edit-products-prices-attributes-for-woocommerce-basic allows SQL Injection.This issue affects ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes: from n/a through <= 1.4.9. | ||||
| CVE-2025-47644 | 2026-04-01 | N/A | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form integrations-of-zoho-crm-with-elementor-form allows Phishing.This issue affects Integrations of Zoho CRM with Elementor form: from n/a through <= 1.0.8. | ||||
| CVE-2025-47642 | 1 Ajar Productions | 1 Ajar In5 Embed | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed ajar-productions-in5-embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through <= 3.1.5. | ||||
| CVE-2025-47641 | 1 Woocommerce | 1 Woocommerce | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows Upload a Web Shell to a Web Server.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through <= 2.3.9. | ||||
| CVE-2025-47640 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows SQL Injection.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through <= 2.4.0. | ||||
| CVE-2025-47639 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Supertext Supertext Translation and Proofreading polylang-supertext allows Stored XSS.This issue affects Supertext Translation and Proofreading: from n/a through <= 4.26. | ||||
| CVE-2025-47638 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sarvesh M Rao WP Discord Invite wp-discord-invite allows Stored XSS.This issue affects WP Discord Invite: from n/a through <= 2.5.3. | ||||
| CVE-2025-47637 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in STAGGS STAGGS staggs allows Upload a Web Shell to a Web Server.This issue affects STAGGS: from n/a through <= 2.11.0. | ||||
| CVE-2025-47636 | 2026-04-01 | N/A | ||
| Path Traversal: '.../...//' vulnerability in Fernando Briano List category posts list-category-posts allows PHP Local File Inclusion.This issue affects List category posts: from n/a through <= 0.91.0. | ||||
| CVE-2025-47635 | 1 Webinarpress | 1 Webinarpress | 2026-04-01 | 9.8 Critical |
| Server-Side Request Forgery (SSRF) vulnerability in WPWebinarSystem WebinarPress wp-webinarsystem allows Server Side Request Forgery.This issue affects WebinarPress: from n/a through <= 1.33.28. | ||||
| CVE-2025-47634 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Keylor Mendoza WC Pickup Store wc-pickup-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WC Pickup Store: from n/a through <= 1.8.9. | ||||
| CVE-2025-47633 | 1 Awin | 1 Awin - Advertiser Tracking For Woocommerce | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Awin Awin – Advertiser Tracking for WooCommerce awin-advertiser-tracking allows Cross Site Request Forgery.This issue affects Awin – Advertiser Tracking for WooCommerce: from n/a through <= 2.0.0. | ||||
| CVE-2025-47632 | 1 Raihancse | 1 Awesome Gallery | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raihanul Islam Awesome Gallery awesome-gallery allows Stored XSS.This issue affects Awesome Gallery: from n/a through <= 1.0. | ||||
| CVE-2025-47630 | 1 Connekthq | 1 Ajax Load More | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darren Cooney Ajax Load More ajax-load-more allows Stored XSS.This issue affects Ajax Load More: from n/a through <= 7.3.1.2. | ||||
| CVE-2025-47629 | 1 Wp-crm | 1 Wp-crm System | 2026-04-01 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Object Injection.This issue affects WP-CRM System: from n/a through <= 3.4.5. | ||||
| CVE-2025-47628 | 1 Quomodosoft | 1 Qs Dark Mode | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in quomodosoft QS Dark Mode qs-dark-mode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QS Dark Mode: from n/a through <= 3.0. | ||||
| CVE-2025-47626 | 1 Apasionados | 1 Submission Dom Tracking For Contact Form 7 | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados Submission DOM tracking for Contact Form 7 cf7-submission-dom-tracking allows Stored XSS.This issue affects Submission DOM tracking for Contact Form 7: from n/a through <= 2.1. | ||||
| CVE-2025-47625 | 1 Apasionados | 1 Dofollow Case By Case | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados DoFollow Case by Case dofollow-case-by-case allows Stored XSS.This issue affects DoFollow Case by Case: from n/a through <= 3.5.1. | ||||