Export limit exceeded: 11498 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11498 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-49290 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) off-canvas-sidebars allows Reflected XSS.This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through <= 0.5.8.4. | ||||
| CVE-2025-49282 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magze magze allows PHP Local File Inclusion.This issue affects Magze: from n/a through <= 1.0.9. | ||||
| CVE-2025-49281 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magways magways allows PHP Local File Inclusion.This issue affects Magways: from n/a through <= 1.2.1. | ||||
| CVE-2025-49280 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magty magty allows PHP Local File Inclusion.This issue affects Magty: from n/a through <= 1.0.6. | ||||
| CVE-2025-49278 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogty blogty allows PHP Local File Inclusion.This issue affects Blogty: from n/a through <= 1.0.11. | ||||
| CVE-2025-49277 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogprise blogprise allows PHP Local File Inclusion.This issue affects Blogprise: from n/a through <= 1.0.9. | ||||
| CVE-2025-49276 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogmine blogmine allows PHP Local File Inclusion.This issue affects Blogmine: from n/a through <= 1.1.7. | ||||
| CVE-2025-49274 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awordpresslife Neom Blog neom-blog allows Reflected XSS.This issue affects Neom Blog: from n/a through <= 0.0.9. | ||||
| CVE-2025-49272 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through <= 5.20.0. | ||||
| CVE-2025-49271 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GravityWP GravityWP - Merge Tags gravitywp-merge-tags allows PHP Local File Inclusion.This issue affects GravityWP - Merge Tags: from n/a through <= 1.4.4. | ||||
| CVE-2025-49267 | 2 Dynamiapps, Wordpress | 2 Frontend Admin, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps acf-frontend-form-element allows Blind SQL Injection.This issue affects Frontend Admin by DynamiApps: from n/a through <= 3.28.3. | ||||
| CVE-2025-49264 | 1 Wordpress | 2 Cloud Saml Sso, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login cloud-sso-single-sign-on allows PHP Local File Inclusion.This issue affects Cloud SAML SSO - Single Sign On Login: from n/a through <= 1.0.18. | ||||
| CVE-2025-49250 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Generation of Code ('Code Injection') vulnerability in cmoreira Team Showcase team-showcase-cm allows Code Injection.This issue affects Team Showcase: from n/a through < 25.05.13. | ||||
| CVE-2025-49248 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in cmoreira Team Showcase team-showcase-cm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team Showcase: from n/a through < 25.05.13. | ||||
| CVE-2025-49247 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmoreira Team Showcase team-showcase-cm allows DOM-Based XSS.This issue affects Team Showcase: from n/a through < 25.05.13. | ||||
| CVE-2025-49246 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in cmoreira Testimonials Showcase testimonials-showcase allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonials Showcase: from n/a through <= 1.9.16. | ||||
| CVE-2025-49245 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmoreira Testimonials Showcase testimonials-showcase allows Reflected XSS.This issue affects Testimonials Showcase: from n/a through <= 1.9.16. | ||||
| CVE-2025-49240 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in nK DocsPress docspress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DocsPress: from n/a through <= 2.5.2. | ||||
| CVE-2025-49073 | 2 Axiomthemes, Wordpress | 2 Sweet Dessert, Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in axiomthemes Sweet Dessert sweet-dessert allows Object Injection.This issue affects Sweet Dessert: from n/a through < 1.1.13. | ||||
| CVE-2025-49072 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in AncoraThemes Mr. Murphy mr-murphy allows Object Injection.This issue affects Mr. Murphy: from n/a through < 1.2.12.1. | ||||