Export limit exceeded: 331831 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9649 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62107 | 2 Pluginops, Wordpress | 2 Feather Login Page, Wordpress | 2026-01-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PluginOps Feather Login Page allows Cross Site Request Forgery.This issue affects Feather Login Page: from n/a through 1.1.7. | ||||
| CVE-2025-62101 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Omid Shamloo Pardakht Delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through 3.0.0. | ||||
| CVE-2025-62099 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in Approveme Signature Add-On for Gravity Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Signature Add-On for Gravity Forms: from n/a through 1.8.6. | ||||
| CVE-2025-62095 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Neilgee Bootstrap Modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through 1.3.2. | ||||
| CVE-2025-62094 | 3 Elementor, Voidthemes, Wordpress | 3 Elementor, Void Elementor Whmcs Elements For Elementor Page Builder, Wordpress | 2026-01-20 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Voidthemes Void Elementor WHMCS Elements For Elementor Page Builder.This issue affects Void Elementor WHMCS Elements For Elementor Page Builder: from n/a through 2.0.1.2. | ||||
| CVE-2025-62088 | 2 Extendons, Wordpress | 2 Wordpress & Woocommerce Scraper Plugin, Wordpress | 2026-01-20 | 5.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in extendons WordPress & WooCommerce Scraper Plugin, Import Data from Any Site allows Server Side Request Forgery.This issue affects WordPress & WooCommerce Scraper Plugin, Import Data from Any Site: from n/a through 1.0.7. | ||||
| CVE-2025-62083 | 2 Wordpress, Wp Messiah | 2 Wordpress, Wordpress Coming Soon Plugin | 2026-01-20 | 4.3 Medium |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Messiah BoomDevs WordPress Coming Soon Plugin allows Retrieve Embedded Sensitive Data.This issue affects BoomDevs WordPress Coming Soon Plugin: from n/a through 1.0.4. | ||||
| CVE-2025-62078 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in Fahad Mahmood Easy Upload Files During Checkout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Upload Files During Checkout: from n/a through 3.0.0. | ||||
| CVE-2025-62076 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ido Kobelkowsky Simple Payment simple-payment.This issue affects Simple Payment: from n/a through <= 2.4.6. | ||||
| CVE-2025-62075 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 7.3 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ido Kobelkowsky Simple Payment simple-payment.This issue affects Simple Payment: from n/a through <= 2.4.6. | ||||
| CVE-2025-62074 | 2 Amauri, Wordpress | 2 Wpmobile.app, Wordpress | 2026-01-20 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through <= 11.71. | ||||
| CVE-2025-62073 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in Sovlix MeetingHub meetinghub.This issue affects MeetingHub: from n/a through <= 1.23.9. | ||||
| CVE-2025-62072 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in Rustaurius Front End Users front-end-only-users.This issue affects Front End Users: from n/a through <= 3.2.33. | ||||
| CVE-2025-62071 | 2 Repuso, Wordpress | 2 Repuso, Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso social-testimonials-and-reviews-widget.This issue affects Social proof testimonials and reviews by Repuso: from n/a through <= 5.29. | ||||
| CVE-2025-62070 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through <= 1.2.13. | ||||
| CVE-2025-62069 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter.This issue affects MDTF: from n/a through <= 1.3.3.8. | ||||
| CVE-2025-62067 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Savory savory.This issue affects Savory: from n/a through <= 2.5. | ||||
| CVE-2025-62066 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 7.4 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes Revolution revolution.This issue affects Revolution: from n/a through < 2.5.8. | ||||
| CVE-2025-62065 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Rometheme RTMKit rometheme-for-elementor.This issue affects RTMKit: from n/a through <= 1.6.5. | ||||
| CVE-2025-62064 | 2 Elated-themes, Wordpress | 2 Search And Go Directory, Wordpress | 2026-01-20 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Elated-Themes Search & Go search-and-go allows Password Recovery Exploitation.This issue affects Search & Go: from n/a through <= 2.7. | ||||