Export limit exceeded: 343222 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 11529 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11529 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31622 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Utkarsh Kukreti Advanced Typekit advanced-typekit allows Stored XSS.This issue affects Advanced Typekit: from n/a through <= 1.0.1. | ||||
| CVE-2025-31621 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in davidpaulsson byBrick Accordion bybrick-accordion allows Stored XSS.This issue affects byBrick Accordion: from n/a through <= 1.0. | ||||
| CVE-2025-31620 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in carperfer CoverManager covermanager allows Stored XSS.This issue affects CoverManager: from n/a through <= 0.0.1. | ||||
| CVE-2025-31619 | 2 Marcoingraiti, Wordpress | 2 Actionwear Products Sync, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows SQL Injection.This issue affects Actionwear products sync: from n/a through <= 2.3.3. | ||||
| CVE-2025-31614 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hiroprot Terms Before Download terms-before-download allows Stored XSS.This issue affects Terms Before Download: from n/a through <= 1.0.5. | ||||
| CVE-2025-31613 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Aboobacker. AB Google Map Travel ab-google-map-travel allows Cross Site Request Forgery.This issue affects AB Google Map Travel : from n/a through <= 4.6. | ||||
| CVE-2025-31612 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in Sabuj Kundu CBX Poll cbxpoll allows Object Injection.This issue affects CBX Poll: from n/a through <= 2.0.4. | ||||
| CVE-2025-31611 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Shaharia Azam Auto Post After Image Upload auto-post-after-image-upload allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Post After Image Upload: from n/a through <= 1.6. | ||||
| CVE-2025-31608 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reDim GmbH CookieHint WP cookiehint-wp allows Stored XSS.This issue affects CookieHint WP: from n/a through <= 1.0.0. | ||||
| CVE-2025-31607 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flomei Simple-Audioplayer simple-audioplayer allows Stored XSS.This issue affects Simple-Audioplayer: from n/a through <= 1.1. | ||||
| CVE-2025-31605 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WeblineIndia Welcome Popup welcome-popup allows Stored XSS.This issue affects Welcome Popup: from n/a through <= 1.0.10. | ||||
| CVE-2025-31602 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Proptech Plugin Apimo Connector apimo allows Cross Site Request Forgery.This issue affects Apimo Connector: from n/a through <= 2.6.5.1. | ||||
| CVE-2025-31600 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in designnbuy DesignO designo allows Cross Site Request Forgery.This issue affects DesignO: from n/a through <= 2.6.0. | ||||
| CVE-2025-31596 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Chatwee Chat by Chatwee chatwee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chat by Chatwee: from n/a through <= 2.1.3. | ||||
| CVE-2025-31591 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in promoz73 Exit Popup Free exit-popup-free allows Stored XSS.This issue affects Exit Popup Free: from n/a through <= 1.0. | ||||
| CVE-2025-31590 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Denra.com WP Date and Time Shortcode wp-date-and-time-shortcode allows Stored XSS.This issue affects WP Date and Time Shortcode: from n/a through <= 2.6.7. | ||||
| CVE-2025-31589 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kibru Demeke Ethiopian Calendar ethiopian-calendar allows Stored XSS.This issue affects Ethiopian Calendar: from n/a through <= 1.1.1. | ||||
| CVE-2025-31581 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Sandeep Kumar WP Video Playlist wp-video-playlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Video Playlist: from n/a through <= 1.1.2. | ||||
| CVE-2025-31579 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in EXEIdeas International WP AutoKeyword wp-autokeyword allows SQL Injection.This issue affects WP AutoKeyword: from n/a through <= 1.0. | ||||
| CVE-2025-31575 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Vasilis Triantafyllou Flag Icons language-icons-flags-switcher allows Stored XSS.This issue affects Flag Icons: from n/a through <= 2.2. | ||||