Export limit exceeded: 341836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341836 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53587 | 2 Apustheme, Wordpress | 2 Findgo, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo findgo allows Cross Site Request Forgery.This issue affects Findgo: from n/a through <= 1.3.57. | ||||
| CVE-2025-53584 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System wp-ticket allows Object Injection.This issue affects WP Ticket Customer Service Software & Support Ticket System: from n/a through <= 6.0.2. | ||||
| CVE-2025-53583 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in emarket-design Employee Spotlight employee-spotlight allows Object Injection.This issue affects Employee Spotlight: from n/a through <= 5.1.1. | ||||
| CVE-2025-53582 | 2 Wordlift, Wordpress | 2 Wordlift, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordLift WordLift wordlift allows Stored XSS.This issue affects WordLift: from n/a through <= 3.54.5. | ||||
| CVE-2025-53581 | 2 Artiosmedia, Wordpress | 2 Rss Feed Pro, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artiosmedia RSS Feed Pro rss-feed-pro allows Stored XSS.This issue affects RSS Feed Pro: from n/a through <= 1.1.8. | ||||
| CVE-2025-53580 | 2026-04-01 | N/A | ||
| Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through < 15.6.9. | ||||
| CVE-2025-53579 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in captcha.eu Captcha.eu captcha-eu allows Reflected XSS.This issue affects Captcha.eu: from n/a through < 1.0.61. | ||||
| CVE-2025-53578 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kipso kipso allows PHP Local File Inclusion.This issue affects Kipso: from n/a through <= 1.3.4. | ||||
| CVE-2025-53577 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS global-dns allows Remote Code Inclusion.This issue affects Global DNS: from n/a through <= 3.1.0. | ||||
| CVE-2025-53576 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Ovatheme Events ova-events allows PHP Local File Inclusion.This issue affects Ovatheme Events: from n/a through <= 1.2.8. | ||||
| CVE-2025-53575 | 3 Primersoftware, Woocommerce, Wordpress | 3 Primer Mydata For Woocommerce, Woocommerce, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in primersoftware Primer MyData for Woocommerce primer-mydata allows Reflected XSS.This issue affects Primer MyData for Woocommerce: from n/a through <= 4.2.5. | ||||
| CVE-2025-53572 | 2 Emarketdesign, Wordpress | 2 Wp Easy Contact, Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in emarket-design WP Easy Contact wp-easy-contact allows Object Injection.This issue affects WP Easy Contact: from n/a through <= 4.0.1. | ||||
| CVE-2025-53571 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through <= 1.0.6. | ||||
| CVE-2025-53570 | 2 Delucks, Wordpress | 2 Delucks Seo, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Stored XSS.This issue affects DELUCKS SEO: from n/a through <= 2.7.0. | ||||
| CVE-2025-53569 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Trust Payments Trust Payments Gateway for WooCommerce (JavaScript Library) trust-payments-gateway-3ds2 allows Cross Site Request Forgery.This issue affects Trust Payments Gateway for WooCommerce (JavaScript Library): from n/a through <= 1.3.6. | ||||
| CVE-2025-53568 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli Radio Station radio-station allows Cross Site Request Forgery.This issue affects Radio Station: from n/a through <= 2.5.12. | ||||
| CVE-2025-53567 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nK Ghost Kit ghostkit allows PHP Local File Inclusion.This issue affects Ghost Kit: from n/a through <= 3.4.1. | ||||
| CVE-2025-53566 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) wp-stats-manager allows Stored XSS.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through <= 7.8. | ||||
| CVE-2025-53565 | 2 Radiustheme, Wordpress | 2 Widget For Google Reviews, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Widget for Google Reviews business-reviews-wp allows PHP Local File Inclusion.This issue affects Widget for Google Reviews: from n/a through <= 1.0.15. | ||||
| CVE-2025-53564 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup HTML5 Radio Player - WPBakery Page Builder Addon lbg_radio_player_addon_visual_composer allows Reflected XSS.This issue affects HTML5 Radio Player - WPBakery Page Builder Addon: from n/a through <= 2.5. | ||||