Export limit exceeded: 341925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341925 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57925 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in immonex immonex Kickstart Team immonex-kickstart-team allows PHP Local File Inclusion.This issue affects immonex Kickstart Team: from n/a through <= 1.6.9. | ||||
| CVE-2025-57923 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in Ideal Postcodes UK Address Postcode Validation uk-address-postcode-validation allows Retrieve Embedded Sensitive Data.This issue affects UK Address Postcode Validation: from n/a through <= 3.9.2. | ||||
| CVE-2025-57922 | 3 Coordinadora Mercantil, Woocommerce, Wordpress | 3 Envios Coordinadora, Woocommerce, Wordpress | 2026-04-01 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in Coordinadora Mercantil S.A. Envíos Coordinadora Woocommerce coordinadora allows Retrieve Embedded Sensitive Data.This issue affects Envíos Coordinadora Woocommerce: from n/a through <= 1.1.32. | ||||
| CVE-2025-57921 | 2 Najeebmedia, Wordpress | 2 Frontend File Manager, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through <= 23.3. | ||||
| CVE-2025-57920 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CK MacLeod Category Featured Images Extended category-featured-images-extended allows Stored XSS.This issue affects Category Featured Images Extended: from n/a through <= 1.52. | ||||
| CVE-2025-57919 | 2 Conveythis, Wordpress | 2 Language Translate Widget For Wordpress Conveythis, Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in ConveyThis ConveyThis conveythis-translate allows Object Injection.This issue affects ConveyThis: from n/a through <= 269.1. | ||||
| CVE-2025-57918 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ERA404 LinkedInclude linkedinclude allows Stored XSS.This issue affects LinkedInclude: from n/a through <= 3.0.4. | ||||
| CVE-2025-57917 | 3 Printcart, Woocommerce, Wordpress | 3 Web To Print Product Designer, Woocommerce, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce printcart-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through <= 2.4.8. | ||||
| CVE-2025-57916 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Nurul Amin WP System Information wp-system-info allows Retrieve Embedded Sensitive Data.This issue affects WP System Information: from n/a through <= 1.5. | ||||
| CVE-2025-57915 | 2 Tochat Be, Wordpress | 2 Tochat Be, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in César Martín TOCHAT.BE tochat-be allows Cross Site Request Forgery.This issue affects TOCHAT.BE: from n/a through <= 1.3.4. | ||||
| CVE-2025-57914 | 3 Matat Technologies, Woocommerce, Wordpress | 3 Deliver Via Shipos, Woocommerce, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through <= 3.0.2. | ||||
| CVE-2025-57913 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eleopard Behance Portfolio Manager portfolio-manager-powered-by-behance allows Stored XSS.This issue affects Behance Portfolio Manager: from n/a through <= 1.7.5. | ||||
| CVE-2025-57912 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dialogity Dialogity Free Live Chat dialogity-website-chat allows Stored XSS.This issue affects Dialogity Free Live Chat: from n/a through <= 1.0.3. | ||||
| CVE-2025-57911 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Adverts adverts-click-tracker allows DOM-Based XSS.This issue affects Adverts: from n/a through <= 1.4. | ||||
| CVE-2025-57910 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AnyClip Video Platform AnyClip Luminous Studio anyclip-media allows Stored XSS.This issue affects AnyClip Luminous Studio: from n/a through <= 1.3.3. | ||||
| CVE-2025-57909 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Rouergue Création Editor Custom Color Palette editor-custom-color-palette allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Editor Custom Color Palette: from n/a through <= 3.5.6. | ||||
| CVE-2025-57908 | 3 Prowcplugins, Woocommerce, Wordpress | 3 Product Time Countdown, Woocommerce, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ProWCPlugins Product Time Countdown for WooCommerce product-countdown-for-woocommerce allows Stored XSS.This issue affects Product Time Countdown for WooCommerce: from n/a through <= 1.6.5. | ||||
| CVE-2025-57907 | 2 Heureka, Wordpress | 2 Heureka, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Heureka Group Heureka heureka allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Heureka: from n/a through <= 1.1.0. | ||||
| CVE-2025-57906 | 2 Epeken, Wordpress | 2 All Kurir, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in epeken Epeken All Kurir epeken-all-kurir allows Stored XSS.This issue affects Epeken All Kurir: from n/a through <= 2.0.6. | ||||
| CVE-2025-57905 | 3 Amin, Woocommerce, Wordpress | 3 Agreeme Checkboxes, Woocommerce, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Amin Y AgreeMe Checkboxes For WooCommerce agreeme-checkboxes-for-woocommerce allows Cross Site Request Forgery.This issue affects AgreeMe Checkboxes For WooCommerce: from n/a through <= 1.1.3. | ||||