Export limit exceeded: 341845 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341845 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62079 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Damian WP Export Categories & Taxonomies wp-export-categories-taxonomies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Export Categories & Taxonomies: from n/a through <= 1.0.3. | ||||
| CVE-2025-62078 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Fahad Mahmood Easy Upload Files During Checkout easy-upload-files-during-checkout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Upload Files During Checkout: from n/a through <= 3.0.0. | ||||
| CVE-2025-60219 | 3 Harutheme, Woocommerce, Wordpress | 3 Woocommerce Designer Pro, Woocommerce, Wordpress | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro wc-designer-pro allows Upload a Web Shell to a Web Server.This issue affects WooCommerce Designer Pro: from n/a through <= 1.9.24. | ||||
| CVE-2025-60186 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Moss Google+ Comments google-plus-comments allows Stored XSS.This issue affects Google+ Comments: from n/a through <= 1.0. | ||||
| CVE-2025-60185 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kontur.us kontur Admin Style kontur-admin-style allows Stored XSS.This issue affects kontur Admin Style: from n/a through <= 1.0.4. | ||||
| CVE-2025-60184 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Terry L. SEO Search Permalink seo-search-permalink allows Stored XSS.This issue affects SEO Search Permalink: from n/a through <= 1.0.3. | ||||
| CVE-2025-60181 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in silence Silencesoft RSS Reader external-rss-reader allows Server Side Request Forgery.This issue affects Silencesoft RSS Reader: from n/a through <= 0.6. | ||||
| CVE-2025-60177 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rozx Recaptcha – wp recaptcha-wp allows Stored XSS.This issue affects Recaptcha – wp: from n/a through <= 0.2.6. | ||||
| CVE-2025-60173 | 3 Ashwani Kumar, Woocommerce, Wordpress | 3 Gst For Woocommerce, Woocommerce, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Ashwani kumar GST for WooCommerce gst-for-woocommerce allows Stored XSS.This issue affects GST for WooCommerce: from n/a through <= 2.0. | ||||
| CVE-2025-60172 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in flytedesk Flytedesk Digital flytedesk-digital allows Stored XSS.This issue affects Flytedesk Digital: from n/a through <= 20181101. | ||||
| CVE-2025-60171 | 3 Woocommerce, Wordpress, Yourplugins | 3 Woocommerce, Wordpress, Conditional Cart Messages For Woocommerce | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in yourplugins Conditional Cart Messages for WooCommerce – YourPlugins.com yourplugins-wc-conditional-cart-notices allows Stored XSS.This issue affects Conditional Cart Messages for WooCommerce – YourPlugins.com: from n/a through <= 1.2.10. | ||||
| CVE-2025-60170 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Taraprasad Swain HTACCESS IP Blocker htaccess-ip-blocker allows Stored XSS.This issue affects HTACCESS IP Blocker: from n/a through <= 1.0. | ||||
| CVE-2025-60169 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in W3S Cloud Technology W3SCloud Contact Form 7 to Zoho CRM w3s-cf7-zoho allows Stored XSS.This issue affects W3SCloud Contact Form 7 to Zoho CRM: from n/a through <= 3.2. | ||||
| CVE-2025-60167 | 3 Elementor, Honzat, Wordpress | 3 Elementor, Page Manager For Elementor, Wordpress | 2026-04-01 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in honzat Page Manager for Elementor page-manager-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Page Manager for Elementor: from n/a through <= 2.0.5. | ||||
| CVE-2025-60166 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in wpshuffle WP Subscription Forms PRO wp-subscription-forms-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms PRO: from n/a through <= 2.0.5. | ||||
| CVE-2025-60165 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in HaruTheme Frames frames allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frames: from n/a through <= 1.5.7. | ||||
| CVE-2025-60164 | 2 Newsman, Wordpress | 2 Newsmanapp, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in NewsMAN NewsmanApp newsmanapp allows Stored XSS.This issue affects NewsmanApp: from n/a through <= 2.7.7. | ||||
| CVE-2025-60163 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robin W bbp topic count bbp-topic-count allows DOM-Based XSS.This issue affects bbp topic count: from n/a through <= 3.2. | ||||
| CVE-2025-60162 | 2 Pickplugins, Wordpress | 2 Job Board Manager, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Job Board Manager job-board-manager allows DOM-Based XSS.This issue affects Job Board Manager: from n/a through <= 2.1.61. | ||||
| CVE-2025-60161 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in bdthemes ZoloBlocks zoloblocks allows Server Side Request Forgery.This issue affects ZoloBlocks: from n/a through <= 2.3.11. | ||||