Export limit exceeded: 342239 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11498 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54047 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in QuanticaLabs Cost Calculator ql-cost-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost Calculator: from n/a through <= 7.4. | ||||
| CVE-2025-54046 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs Cost Calculator ql-cost-calculator allows Stored XSS.This issue affects Cost Calculator: from n/a through <= 7.4. | ||||
| CVE-2025-54044 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in _CreativeMedia_ Elite Video Player elite-video-player allows Reflected XSS.This issue affects Elite Video Player: from n/a through <= 10.0.5. | ||||
| CVE-2025-54043 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce SMTP for Amazon SES smtp-amazon-ses allows SQL Injection.This issue affects SMTP for Amazon SES: from n/a through <= 1.9. | ||||
| CVE-2025-54042 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Xfinitysoft WP Post Hide wp-post-hide allows Cross Site Request Forgery.This issue affects WP Post Hide: from n/a through <= 1.0.9. | ||||
| CVE-2025-54040 | 2 Webba-booking, Wordpress | 2 Webba Booking, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webba Booking: from n/a through <= 5.1.20. | ||||
| CVE-2025-54039 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Animator scroll-triggered-animations allows Cross Site Request Forgery.This issue affects Animator: from n/a through <= 3.0.16. | ||||
| CVE-2025-54037 | 2 Blazethemes, Wordpress | 2 News Kit Elementor Addons, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Kit Elementor Addons: from n/a through <= 1.3.4. | ||||
| CVE-2025-54034 | 2 Tribulant, Wordpress | 2 Newsletters, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Tribulant Software Newsletters newsletters-lite allows PHP Local File Inclusion.This issue affects Newsletters: from n/a through <= 4.10. | ||||
| CVE-2025-54032 | 2 Webcodingplace, Wordpress | 2 Real Estate Manager, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace Real Estate Manager Pro real-estate-manager-pro allows Reflected XSS.This issue affects Real Estate Manager Pro: from n/a through <= 12.7.3. | ||||
| CVE-2025-54031 | 2 Schiocco, Wordpress | 2 Support Board, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Schiocco Support Board supportboard allows PHP Local File Inclusion.This issue affects Support Board: from n/a through <= 3.8.0. | ||||
| CVE-2025-54028 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Saleswonder Team: Tobias CF7 WOW Styler cf7-styler allows PHP Local File Inclusion.This issue affects CF7 WOW Styler: from n/a through <= 1.7.2. | ||||
| CVE-2025-54027 | 2 Schiocco, Wordpress | 2 Support Board, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through <= 3.8.0. | ||||
| CVE-2025-54026 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuanticaLabs GymBase Theme Classes gymbase_classes allows SQL Injection.This issue affects GymBase Theme Classes: from n/a through <= 1.4. | ||||
| CVE-2025-54025 | 2 Relywp, Wordpress | 2 Coupon Affiliates, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coupon Affiliates: from n/a through <= 6.4.0. | ||||
| CVE-2025-54024 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts wpadverts allows DOM-Based XSS.This issue affects WPAdverts: from n/a through <= 2.2.5. | ||||
| CVE-2025-54020 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Erik AntiSpam for Contact Form 7 cf7-antispam allows Cross Site Request Forgery.This issue affects AntiSpam for Contact Form 7: from n/a through <= 0.6.3. | ||||
| CVE-2025-54019 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Beplusthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through < 7.8.5. | ||||
| CVE-2025-54018 | 2 Creativemindssolutions, Wordpress | 2 Cm Pop-up Banners, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in CreativeMindsSolutions CM Pop-Up banners cm-pop-up-banners allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Pop-Up banners: from n/a through <= 1.8.4. | ||||
| CVE-2025-54017 | 2 Cozmoslabs, Wordpress | 2 Paid Member Subscriptions, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows PHP Local File Inclusion.This issue affects Paid Member Subscriptions: from n/a through <= 2.15.4. | ||||