Export limit exceeded: 342053 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342053 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342053 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342053 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39540 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rhys Wynne WP Flipclock wp-flipclock allows DOM-Based XSS.This issue affects WP Flipclock: from n/a through <= 1.9.1. | ||||
| CVE-2025-39539 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brewlabs WP Email Delivery wp-email-delivery allows Reflected XSS.This issue affects WP Email Delivery: from n/a through <= 1.20.11.23. | ||||
| CVE-2025-39538 | 2026-04-01 | N/A | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through <= 3.3.9.4. | ||||
| CVE-2025-39537 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blaze Concepts Better Customer List for WooCommerce woo-better-customer-list allows Reflected XSS.This issue affects Better Customer List for WooCommerce: from n/a through <= 1.2.3. | ||||
| CVE-2025-39535 | 2026-04-01 | N/A | ||
| Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos vitepos-lite allows Authentication Abuse.This issue affects Vitepos: from n/a through <= 3.1.7. | ||||
| CVE-2025-39533 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Starfish Reviews Starfish Review Generation & Marketing starfish-reviews allows Privilege Escalation.This issue affects Starfish Review Generation & Marketing: from n/a through <= 3.1.19. | ||||
| CVE-2025-39532 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in spicethemes Spice Blocks spice-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spice Blocks: from n/a through <= 2.0.7.7. | ||||
| CVE-2025-39531 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in slazzercom Slazzer Background Changer slazzer-background-changer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Slazzer Background Changer: from n/a through <= 3.14. | ||||
| CVE-2025-39530 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in dsky Site Search 360 site-search-360 allows Stored XSS.This issue affects Site Search 360: from n/a through <= 2.1.8. | ||||
| CVE-2025-39529 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robin Cornett Scriptless Social Sharing scriptless-social-sharing allows Stored XSS.This issue affects Scriptless Social Sharing: from n/a through <= 3.3.0. | ||||
| CVE-2025-39528 | 1 Rescuethemes | 1 Rescue Shortcodes | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rescue Themes Rescue Shortcodes rescue-shortcodes allows Stored XSS.This issue affects Rescue Shortcodes: from n/a through <= 3.1. | ||||
| CVE-2025-39527 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in bestweblayout Rating by BestWebSoft rating-bws allows Object Injection.This issue affects Rating by BestWebSoft: from n/a through <= 1.7. | ||||
| CVE-2025-39526 | 1 Nicdark | 1 Hotel Booking | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nicdark Hotel Booking nd-booking allows PHP Local File Inclusion.This issue affects Hotel Booking: from n/a through <= 3.6. | ||||
| CVE-2025-39525 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Logo Carousel Slider logo-carousel-slider allows Stored XSS.This issue affects Logo Carousel Slider: from n/a through <= 2.1.3. | ||||
| CVE-2025-39524 | 1 Bplugins | 1 Html5 Audio Player | 2026-04-01 | N/A |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in bPlugins Html5 Audio Player html5-audio-player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through <= 2.2.28. | ||||
| CVE-2025-39523 | 2 Goodbarber, Wordpress | 2 Goodbarber, Wordpress | 2026-04-01 | N/A |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in GoodBarber GoodBarber goodbarber.This issue affects GoodBarber: from n/a through <= 1.0.26. | ||||
| CVE-2025-39522 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Service2Client LLC Dynamic Post dynamic-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamic Post: from n/a through <= 5.03. | ||||
| CVE-2025-39521 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani Contact Form vCard Generator contact-form-vcard-generator allows Reflected XSS.This issue affects Contact Form vCard Generator: from n/a through <= 2.4. | ||||
| CVE-2025-39520 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Wham Checkout Files Upload for WooCommerce checkout-files-upload-woocommerce allows Stored XSS.This issue affects Checkout Files Upload for WooCommerce: from n/a through <= 2.2.0. | ||||
| CVE-2025-39519 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in runthings.dev Bulk Page Stub Creator bulk-page-stub-creator allows Reflected XSS.This issue affects Bulk Page Stub Creator: from n/a through <= 1.1. | ||||