Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (44657 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-25452 2 Wordpress, Wpdo 2 Wordpress, Remoji 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDO Remoji remoji allows Stored XSS.This issue affects Remoji: from n/a through <= 2.2.
CVE-2026-32518 2 Imithemes, Wordpress 2 Gaea, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in imithemes Gaea gaea allows Reflected XSS.This issue affects Gaea: from n/a through < 3.8.
CVE-2026-27073 2 Addi, Wordpress 2 Addi – Cuotas Que Se Adaptan A Ti, Wordpress 2026-03-30 7.5 High
Use of Hard-coded Credentials vulnerability in Addi Addi &#8211; Cuotas que se adaptan a ti buy-now-pay-later-addi allows Password Recovery Exploitation.This issue affects Addi &#8211; Cuotas que se adaptan a ti: from n/a through <= 2.0.4.
CVE-2026-25435 2 Wordpress, Wpdevart 3 Wordpress, Booking Calendar, Booking Calendar, Appointment Booking System 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Booking calendar, Appointment Booking System booking-calendar allows Stored XSS.This issue affects Booking calendar, Appointment Booking System: from n/a through <= 3.2.36.
CVE-2026-25376 2 Eyecix, Wordpress 2 Addon Jobsearch Chat, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix Addon Jobsearch Chat addon-jobsearch-chat allows Reflected XSS.This issue affects Addon Jobsearch Chat: from n/a through <= 3.0.
CVE-2026-32491 2 Jgwhite33, Wordpress 2 Wp Review Slider, Wordpress 2026-03-30 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP Review Slider wp-facebook-reviews allows Stored XSS.This issue affects WP Review Slider: from n/a through <= 13.9.
CVE-2026-25013 2 Whmcsdes, Wordpress 2 Phox Hosting, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WHMCSdes Phox Hosting phox-host allows Reflected XSS.This issue affects Phox Hosting: from n/a through <= 2.0.8.
CVE-2026-25306 2 8theme, Wordpress 2 Xstore Core, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS.This issue affects XStore Core: from n/a through <= 5.6.4.
CVE-2026-25417 2 Metagauss, Wordpress 2 Profilegrid, Wordpress 2026-03-30 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Stored XSS.This issue affects ProfileGrid : from n/a through <= 5.9.8.1.
CVE-2026-31914 2 Hookandhook, Wordpress 2 Wp Courses Lms, Wordpress 2026-03-30 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hookandhook WP Courses LMS wp-courses allows DOM-Based XSS.This issue affects WP Courses LMS: from n/a through <= 3.2.26.
CVE-2026-32494 2 Ays-pro, Wordpress 2 Image Slider, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through <= 2.7.1.
CVE-2026-24391 2 Thememakers, Wordpress 2 Car Dealer, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeMakers Car Dealer cardealer allows Reflected XSS.This issue affects Car Dealer: from n/a through <= 1.6.7.
CVE-2026-25361 2 Magepeopleteam, Wordpress 2 Wpevently, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magepeopleteam WpEvently mage-eventpress allows Reflected XSS.This issue affects WpEvently: from n/a through <= 5.1.4.
CVE-2026-25346 2 Ays-pro, Wordpress 2 Faq Builder, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro FAQ Builder AYS faq-builder-ays allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FAQ Builder AYS: from n/a through <= 1.8.2.
CVE-2026-27054 2 Pencidesign, Wordpress 2 Penci Soledad Data Migrator, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Soledad Data Migrator penci-data-migrator allows Reflected XSS.This issue affects Penci Soledad Data Migrator: from n/a through <= 1.3.1.
CVE-2026-25461 2 Purethemes, Wordpress 2 Listeo, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in purethemes Listeo Core listeo-core allows Reflected XSS.This issue affects Listeo Core: from n/a through <= 2.0.21.
CVE-2026-32544 2 Oopspam, Wordpress 2 Oopspam Anti-spam, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OOPSpam Team OOPSpam Anti-Spam oopspam-anti-spam allows Stored XSS.This issue affects OOPSpam Anti-Spam: from n/a through <= 1.2.62.
CVE-2026-32528 2 Don-themes, Wordpress 2 Riode, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in don-themes Riode riode allows Reflected XSS.This issue affects Riode: from n/a through < 1.6.29.
CVE-2026-24980 2 Nootheme, Wordpress 2 Visionary Core, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Visionary Core noo-visionary-core allows Reflected XSS.This issue affects Visionary Core: from n/a through <= 1.4.9.
CVE-2026-25304 2 Skygroup, Wordpress 2 Jaroti, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Jaroti jaroti allows Reflected XSS.This issue affects Jaroti: from n/a through < 1.4.8.