Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10818 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-53219 2 Pl4g4, Wordpress 2 Wp-database-optimizer-tools, Wordpress 2025-08-15 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-Optimizer-Tools allows Cross Site Request Forgery. This issue affects WP-Database-Optimizer-Tools: from n/a through 0.2.
CVE-2025-52771 2 Bcupham, Wordpress 2 Video Expander, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bcupham Video Expander allows Stored XSS. This issue affects Video Expander: from n/a through 1.0.
CVE-2025-53582 2 Wordlift, Wordpress 2 Wordlift, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordLift WordLift allows Stored XSS. This issue affects WordLift: from n/a through 3.54.5.
CVE-2025-54732 2 Shahjada, Wordpress 2 Wpdm Premium Packages, Wordpress 2025-08-15 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross Site Request Forgery. This issue affects WPDM – Premium Packages: from n/a through 6.0.2.
CVE-2025-53330 2 Wordpress, Wpestate 2 Wordpress, Wp Rentals 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals allows Stored XSS. This issue affects WP Rentals: from n/a through 3.13.1.
CVE-2025-52765 2 Lisensee, Wordpress 2 Netinsight Analytics Implementation Plugin, Wordpress 2025-08-15 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin allows Stored XSS. This issue affects NetInsight Analytics Implementation Plugin: from n/a through 1.0.3.
CVE-2025-53347 2 Laborator, Wordpress 2 Kalium, Wordpress 2025-08-15 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium allows Cross Site Request Forgery. This issue affects Kalium: from n/a through 3.18.3.
CVE-2025-53341 2 Themovation, Wordpress 2 Stratus, Wordpress 2025-08-15 4.3 Medium
Missing Authorization vulnerability in Themovation Stratus allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Stratus: from n/a through 4.2.5.
CVE-2025-54739 2 Posimyth, Wordpress 2 Nexter Blocks, Wordpress 2025-08-15 5.3 Medium
Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexter Blocks: from n/a through 4.5.4.
CVE-2025-54054 2 Aa Web Servant, Wordpress 2 12 Step Meeting List, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA Web Servant 12 Step Meeting List allows Stored XSS. This issue affects 12 Step Meeting List: from n/a through 3.18.3.
CVE-2025-53249 2 Hakeemnala, Wordpress 2 Build App Online, Wordpress 2025-08-15 6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online allows Cross Site Request Forgery. This issue affects Build App Online: from n/a through 1.0.23.
CVE-2025-55712 2 Posimyth, Wordpress 2 The Plus Addons For Elementor Page Builder Lite, Wordpress 2025-08-15 6.5 Medium
Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 6.3.13.
CVE-2025-55713 2 Creativethemes, Wordpress 2 Blocksy, Wordpress 2025-08-15 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeThemes Blocksy allows Stored XSS. This issue affects Blocksy: from n/a through 2.1.6.
CVE-2025-55716 2 Veronalabs, Wordpress 2 Wp Statistics, Wordpress 2025-08-15 4.3 Medium
Missing Authorization vulnerability in VeronaLabs WP Statistics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Statistics: from n/a through 14.15.
CVE-2025-54749 2 Crocoblock, Wordpress 2 Jetproductgallery, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery allows Stored XSS. This issue affects JetProductGallery: from n/a through 2.2.0.2.
CVE-2025-52797 2 Josepsitjar, Wordpress 2 Storymap, Wordpress 2025-08-15 8.2 High
Cross-Site Request Forgery (CSRF) vulnerability in josepsitjar StoryMap allows SQL Injection. This issue affects StoryMap: from n/a through 2.1.
CVE-2025-53221 2 Codeablepress, Wordpress 2 Codeablepress, Wordpress 2025-08-15 4.3 Medium
Missing Authorization vulnerability in codeablepress CodeablePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CodeablePress: from n/a through 1.0.0.
CVE-2025-54717 2 E-plugins, Wordpress 2 Wp Membership, Wordpress 2025-08-15 5.4 Medium
Missing Authorization vulnerability in e-plugins WP Membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Membership: from n/a through 1.6.3.
CVE-2025-54708 2 Bplugins, Wordpress 2 B Blocks, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks allows DOM-Based XSS. This issue affects B Blocks: from n/a through 2.0.5.
CVE-2025-53342 2 Goodlayers, Wordpress 2 Modernize, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Modernize allows Stored XSS. This issue affects Modernize: from n/a through 3.4.0.