Export limit exceeded: 11399 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11399 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58265 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stonehenge Creations Events Manager – OpenStreetMaps stonehenge-em-osm allows Stored XSS.This issue affects Events Manager – OpenStreetMaps: from n/a through <= 4.2.1. | ||||
| CVE-2025-58264 | 2 Artbees, Wordpress | 2 Jupiter X Core, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artbees JupiterX Core jupiterx-core allows Stored XSS.This issue affects JupiterX Core: from n/a through <= 4.11.0. | ||||
| CVE-2025-58263 | 2 Buddypress, Wordpress | 2 Buddypress, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BuddyDev BuddyPress Notification Widget buddypress-notifications-widget allows Stored XSS.This issue affects BuddyPress Notification Widget: from n/a through <= 1.3.3. | ||||
| CVE-2025-58262 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in WPDirectoryKit Sweet Energy Efficiency sweet-energy-efficiency allows Stored XSS.This issue affects Sweet Energy Efficiency: from n/a through <= 1.0.8. | ||||
| CVE-2025-58261 | 2 Presspage Entertainment, Wordpress | 2 Mavis Https To Http Redirection, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc Mavis HTTPS to HTTP Redirection mavis-https-to-http-redirect allows Stored XSS.This issue affects Mavis HTTPS to HTTP Redirection: from n/a through <= 1.4.3. | ||||
| CVE-2025-58260 | 2 Ronald Huereca, Wordpress | 2 Highlight And Share, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ronald Huereca Highlight and Share highlight-and-share allows Stored XSS.This issue affects Highlight and Share: from n/a through <= 5.1.1. | ||||
| CVE-2025-58259 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in scriptsbundle Nokri nokri allows Cross Site Request Forgery.This issue affects Nokri: from n/a through <= 1.6.4. | ||||
| CVE-2025-58258 | 2 Thedevoice, Wordpress | 2 Lazy Blocks, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in nK Lazy Blocks lazy-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lazy Blocks: from n/a through <= 4.1.0. | ||||
| CVE-2025-58257 | 2 Picture-planet, Wordpress | 2 Verowa Connect, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Picture-Planet GmbH Verowa Connect verowa-connect allows Stored XSS.This issue affects Verowa Connect: from n/a through <= 3.2.3. | ||||
| CVE-2025-58256 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonathan Brinley DOAJ Export doaj-export allows Stored XSS.This issue affects DOAJ Export: from n/a through <= 1.0.4. | ||||
| CVE-2025-58255 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through <= 0.5. | ||||
| CVE-2025-58254 | 3 Dtbaker, Elementor, Wordpress | 3 Stylepress, Elementor, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dtbaker StylePress for Elementor full-site-builder-for-elementor allows Stored XSS.This issue affects StylePress for Elementor: from n/a through <= 1.2.1. | ||||
| CVE-2025-58253 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows DOM-Based XSS.This issue affects Real Estate Manager: from n/a through <= 7.3. | ||||
| CVE-2025-58252 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in jetmonsters Getwid getwid allows Retrieve Embedded Sensitive Data.This issue affects Getwid: from n/a through <= 2.1.2. | ||||
| CVE-2025-58251 | 3 Elementor, Posimyth, Wordpress | 3 Elementor, Sticky Header Effects, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in POSIMYTH Sticky Header Effects for Elementor sticky-header-effects-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sticky Header Effects for Elementor: from n/a through <= 2.1.2. | ||||
| CVE-2025-58250 | 2 Apustheme, Wordpress | 2 Findgo, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo fingo allows Authentication Bypass.This issue affects Findgo: from n/a through <= 1.3.55. | ||||
| CVE-2025-58249 | 2 Themeum, Wordpress | 2 Qubely, Wordpress | 2026-04-01 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through <= 1.8.14. | ||||
| CVE-2025-58248 | 2 Codefish, Wordpress | 2 Pinterest Pinboard Widget, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codefish Pinterest Pinboard Widget pinterest-pinboard-widget allows Stored XSS.This issue affects Pinterest Pinboard Widget: from n/a through <= 1.0.7. | ||||
| CVE-2025-58247 | 2 Templateinvaders, Wordpress | 2 Ti Woocommerce Wishlist, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in templateinvaders TI WooCommerce Wishlist ti-woocommerce-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TI WooCommerce Wishlist: from n/a through <= 2.10.0. | ||||
| CVE-2025-58245 | 2 Bestweblayout, Wordpress | 2 Portfolio, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bestweblayout Portfolio portfolio allows DOM-Based XSS.This issue affects Portfolio : from n/a through <= 2.58. | ||||