Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (44811 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-30983 2 Gopiplus, Wordpress 2 Wp Image Slideshow, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Card flip image slideshow card-flip-image-slideshow allows DOM-Based XSS.This issue affects Card flip image slideshow: from n/a through <= 1.5.
CVE-2025-30982 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zookatron MyBookProgress by Stormhill Media mybookprogress allows Stored XSS.This issue affects MyBookProgress by Stormhill Media: from n/a through <= 1.0.8.
CVE-2025-30977 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chaport Live Chat Chaport chaport allows Stored XSS.This issue affects Chaport: from n/a through <= 1.1.6.
CVE-2025-30972 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iamapinan Woocommerce Line Notify woo-line-notify allows Stored XSS.This issue affects Woocommerce Line Notify: from n/a through <= 1.1.7.
CVE-2025-30970 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scottwallick Easy Contact easy-contact allows Reflected XSS.This issue affects Easy Contact: from n/a through <= 0.1.2.
CVE-2025-30963 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows DOM-Based XSS.This issue affects JetSmartFilters: from n/a through <= 3.6.3.
CVE-2025-30962 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fs-code FS Poster fs-poster allows Reflected XSS.This issue affects FS Poster: from n/a through <= 6.5.8.
CVE-2025-30961 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tinuzz Trackserver trackserver allows DOM-Based XSS.This issue affects Trackserver: from n/a through <= 5.1.0.
CVE-2025-30955 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3themes ListingEasy listingeasy allows Reflected XSS.This issue affects ListingEasy: from n/a through <= 1.9.2.
CVE-2025-30952 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdive Nexa Blocks nexa-blocks allows Stored XSS.This issue affects Nexa Blocks: from n/a through <= 1.1.0.
CVE-2025-30951 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stiofan BlockStrap Page Builder - Bootstrap Blocks blockstrap-page-builder-blocks allows Stored XSS.This issue affects BlockStrap Page Builder - Bootstrap Blocks: from n/a through <= 0.1.36.
CVE-2025-30950 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Wham All Currencies for WooCommerce woocommerce-all-currencies allows Stored XSS.This issue affects All Currencies for WooCommerce: from n/a through <= 2.4.3.
CVE-2025-30943 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through <= 1.0.
CVE-2025-30942 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Post Custom Templates Lite post-custom-templates-lite allows Stored XSS.This issue affects Post Custom Templates Lite: from n/a through <= 1.14.
CVE-2025-30941 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marvie Pons Pinterest Verify Meta Tag pinterest-verify-meta-tag allows Stored XSS.This issue affects Pinterest Verify Meta Tag: from n/a through <= 1.3.
CVE-2025-30940 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in melipayamak Melipayamak melipayamak allows Stored XSS.This issue affects Melipayamak: from n/a through <= 2.2.12.
CVE-2025-30939 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debashish IFrame Widget iframe-widget allows Stored XSS.This issue affects IFrame Widget: from n/a through <= 4.1.
CVE-2025-30938 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in broadly Broadly for WordPress broadly allows Stored XSS.This issue affects Broadly for WordPress: from n/a through <= 3.0.2.
CVE-2025-30937 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in stefanledin Responsify WP responsify-wp allows Stored XSS.This issue affects Responsify WP: from n/a through <= 1.9.11.
CVE-2025-30935 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NickDuncan Contact Form contact-form-ready allows DOM-Based XSS.This issue affects Contact Form: from n/a through <= 2.0.12.