Export limit exceeded: 342055 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342055 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39520 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Wham Checkout Files Upload for WooCommerce checkout-files-upload-woocommerce allows Stored XSS.This issue affects Checkout Files Upload for WooCommerce: from n/a through <= 2.2.0. | ||||
| CVE-2025-39519 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in runthings.dev Bulk Page Stub Creator bulk-page-stub-creator allows Reflected XSS.This issue affects Bulk Page Stub Creator: from n/a through <= 1.1. | ||||
| CVE-2025-39518 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RedefiningTheWeb BMA Lite bma-lite-appointment-booking-and-scheduling allows SQL Injection.This issue affects BMA Lite: from n/a through <= 1.4.2. | ||||
| CVE-2025-39517 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Basic Interactive World Map basic-interactive-world-map allows Cross Site Request Forgery.This issue affects Basic Interactive World Map: from n/a through <= 2.7. | ||||
| CVE-2025-39516 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alan Petersen Author WIP Progress Bar author-work-in-progress-bar allows DOM-Based XSS.This issue affects Author WIP Progress Bar: from n/a through <= 1.0. | ||||
| CVE-2025-39515 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tnomi Attendance Manager attendance-manager allows Stored XSS.This issue affects Attendance Manager: from n/a through <= 0.6.2. | ||||
| CVE-2025-39514 | 1 Asgaros | 1 Asgaros Forum | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asgaros Asgaros Forum asgaros-forum allows Stored XSS.This issue affects Asgaros Forum: from n/a through <= 3.2.1. | ||||
| CVE-2025-39513 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in ActiveDEMAND Online Agency Marketing Automation ActiveDEMAND activedemand allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ActiveDEMAND: from n/a through <= 0.2.46. | ||||
| CVE-2025-39512 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Yuya Hoshino Bulk Term Editor bulk-term-editor allows Cross Site Request Forgery.This issue affects Bulk Term Editor: from n/a through <= 1.1.4. | ||||
| CVE-2025-39511 | 1 Valvepress | 1 Pinterest Automatic Pin | 2026-04-01 | N/A |
| Missing Authorization vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pinterest Automatic Pin: from n/a through <= 4.19.0. | ||||
| CVE-2025-39510 | 2 Valvepress, Wordpress | 2 Pinterest Automatic Pin, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through < 4.19.0. | ||||
| CVE-2025-39509 | 1 Themencode | 1 Tnc Flipbook | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode TNC FlipBook pdf-viewer-for-wordpress allows Stored XSS.This issue affects TNC FlipBook: from n/a through <= 12.1.0. | ||||
| CVE-2025-39508 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NasaTheme Nasa Core nasa-core allows Reflected XSS.This issue affects Nasa Core: from n/a through <= 6.4.4. | ||||
| CVE-2025-39507 | 1 Nasatheme | 1 Nasa Core | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core nasa-core allows PHP Local File Inclusion.This issue affects Nasa Core: from n/a through < 6.4.4. | ||||
| CVE-2025-39506 | 2 Nasatheme, Wordpress | 2 Nasa Core, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core nasa-core allows PHP Local File Inclusion.This issue affects Nasa Core: from n/a through <= 6.3.2. | ||||
| CVE-2025-39505 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Goodlayers Hotel gdlr-hotel allows Reflected XSS.This issue affects Goodlayers Hotel: from n/a through <= 3.1.4. | ||||
| CVE-2025-39504 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GoodLayers Goodlayers Hotel gdlr-hotel allows Blind SQL Injection.This issue affects Goodlayers Hotel: from n/a through <= 3.1.4. | ||||
| CVE-2025-39503 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in GoodLayers Goodlayers Hotel gdlr-hotel allows Object Injection.This issue affects Goodlayers Hotel: from n/a through <= 3.1.4. | ||||
| CVE-2025-39502 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Goodlayers Hostel gdlr-hostel allows Reflected XSS.This issue affects Goodlayers Hostel: from n/a through <= 3.1.2. | ||||
| CVE-2025-39501 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GoodLayers Goodlayers Hostel gdlr-hostel allows Blind SQL Injection.This issue affects Goodlayers Hostel: from n/a through <= 3.1.4. | ||||