Export limit exceeded: 11454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11454 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53219 | 2 Pl4g4, Wordpress | 2 Wp-database-optimizer-tools, Wordpress | 2025-08-15 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-Optimizer-Tools allows Cross Site Request Forgery. This issue affects WP-Database-Optimizer-Tools: from n/a through 0.2. | ||||
| CVE-2025-54736 | 2 Nordicmade, Wordpress | 2 Savoy, Wordpress | 2025-08-15 | 5.3 Medium |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NordicMade Savoy allows Retrieve Embedded Sensitive Data. This issue affects Savoy: from n/a through 3.0.8. | ||||
| CVE-2025-55716 | 2 Veronalabs, Wordpress | 2 Wp Statistics, Wordpress | 2025-08-15 | 4.3 Medium |
| Missing Authorization vulnerability in VeronaLabs WP Statistics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Statistics: from n/a through 14.15. | ||||
| CVE-2025-54740 | 2 Michael Nelson, Wordpress | 2 Print My Blog, Wordpress | 2025-08-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog allows Stored XSS. This issue affects Print My Blog: from n/a through 3.27.9. | ||||
| CVE-2025-53221 | 2 Codeablepress, Wordpress | 2 Codeablepress, Wordpress | 2025-08-15 | 4.3 Medium |
| Missing Authorization vulnerability in codeablepress CodeablePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CodeablePress: from n/a through 1.0.0. | ||||
| CVE-2025-52765 | 2 Lisensee, Wordpress | 2 Netinsight Analytics Implementation Plugin, Wordpress | 2025-08-15 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin allows Stored XSS. This issue affects NetInsight Analytics Implementation Plugin: from n/a through 1.0.3. | ||||
| CVE-2025-54749 | 2 Crocoblock, Wordpress | 2 Jetproductgallery, Wordpress | 2025-08-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery allows Stored XSS. This issue affects JetProductGallery: from n/a through 2.2.0.2. | ||||
| CVE-2025-54717 | 2 E-plugins, Wordpress | 2 Wp Membership, Wordpress | 2025-08-15 | 5.4 Medium |
| Missing Authorization vulnerability in e-plugins WP Membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Membership: from n/a through 1.6.3. | ||||
| CVE-2025-54708 | 2 Bplugins, Wordpress | 2 B Blocks, Wordpress | 2025-08-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks allows DOM-Based XSS. This issue affects B Blocks: from n/a through 2.0.5. | ||||
| CVE-2025-53347 | 2 Laborator, Wordpress | 2 Kalium, Wordpress | 2025-08-15 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium allows Cross Site Request Forgery. This issue affects Kalium: from n/a through 3.18.3. | ||||
| CVE-2025-53582 | 2 Wordlift, Wordpress | 2 Wordlift, Wordpress | 2025-08-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordLift WordLift allows Stored XSS. This issue affects WordLift: from n/a through 3.54.5. | ||||
| CVE-2025-55713 | 2 Creativethemes, Wordpress | 2 Blocksy, Wordpress | 2025-08-15 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeThemes Blocksy allows Stored XSS. This issue affects Blocksy: from n/a through 2.1.6. | ||||
| CVE-2025-53341 | 2 Themovation, Wordpress | 2 Stratus, Wordpress | 2025-08-15 | 4.3 Medium |
| Missing Authorization vulnerability in Themovation Stratus allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Stratus: from n/a through 4.2.5. | ||||
| CVE-2025-52771 | 2 Bcupham, Wordpress | 2 Video Expander, Wordpress | 2025-08-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bcupham Video Expander allows Stored XSS. This issue affects Video Expander: from n/a through 1.0. | ||||
| CVE-2025-54747 | 2 Wordpress, Wpbakery | 2 Wordpress, Templatera | 2025-08-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbakery Templatera allows DOM-Based XSS. This issue affects Templatera: from n/a through 2.3.0. | ||||
| CVE-2025-49321 | 2 Themewinter, Wordpress | 2 Eventin, Wordpress | 2025-08-14 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arraytics Eventin allows Reflected XSS. This issue affects Eventin: from n/a through 4.0.28. | ||||
| CVE-2025-49064 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop User Language Switch allows Reflected XSS. This issue affects User Language Switch: from n/a through 1.6.10. | ||||
| CVE-2025-49063 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in i3geek BaiduXZH Submit(百度熊掌号) allows Reflected XSS. This issue affects BaiduXZH Submit(百度熊掌号): from n/a through 1.4.6. | ||||
| CVE-2025-49062 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cornfeed WP-jScrollPane allows Reflected XSS. This issue affects WP-jScrollPane: from n/a through 2.0.3. | ||||
| CVE-2025-25174 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 10 Critical |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in beeteam368 BeeTeam368 Extensions allows PHP Local File Inclusion. This issue affects BeeTeam368 Extensions: from n/a through 1.9.4. | ||||