Export limit exceeded: 10519 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10519 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-48305 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vikingjs Goal Tracker for Patreon allows Stored XSS. This issue affects Goal Tracker for Patreon: from n/a through 0.4.6. | ||||
| CVE-2025-48309 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in web-able BetPress allows Stored XSS. This issue affects BetPress: from n/a through 1.0.1 Lite. | ||||
| CVE-2025-48311 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in OffClicks Invisible Optin allows Stored XSS. This issue affects Invisible Optin: from n/a through 1.0. | ||||
| CVE-2025-48318 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in shen2 多说社会化评论框 allows Cross Site Request Forgery. This issue affects 多说社会化评论框: from n/a through 1.2. | ||||
| CVE-2025-48322 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Finn Dohrn Statify Widget allows Stored XSS. This issue affects Statify Widget: from n/a through 1.4.6. | ||||
| CVE-2025-48325 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in shmish111 WP Admin Theme allows Stored XSS. This issue affects WP Admin Theme: from n/a through 1.0. | ||||
| CVE-2025-48350 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 4.3 Medium |
| Missing Authorization vulnerability in Neuralabz LTD AutoWP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AutoWP: from n/a through 2.2.2. | ||||
| CVE-2025-48359 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in thaihavnn07 ATT YouTube Widget allows Stored XSS. This issue affects ATT YouTube Widget: from n/a through 1.0. | ||||
| CVE-2025-48109 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Xavier Media XM-Backup allows Stored XSS. This issue affects XM-Backup: from n/a through 0.9.1. | ||||
| CVE-2025-48306 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in developers savyour Savyour Affiliate Partner allows Stored XSS. This issue affects Savyour Affiliate Partner: from n/a through 2.1.4. | ||||
| CVE-2025-48310 | 2 Wordpress, Wptableeditor | 2 Wordpress, Table Editor | 2025-08-29 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in wptableeditor Table Editor allows Cross Site Request Forgery. This issue affects Table Editor: from n/a through 1.6.4. | ||||
| CVE-2025-48312 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 文派翻译(WP Chinese Translation) WPAvatar allows Stored XSS. This issue affects WPAvatar: from n/a through 1.9.3. | ||||
| CVE-2025-48314 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in salubrio Add Code To Head allows Stored XSS. This issue affects Add Code To Head: from n/a through 1.17. | ||||
| CVE-2025-48316 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ItayXD Responsive Mobile-Friendly Tooltip allows Stored XSS. This issue affects Responsive Mobile-Friendly Tooltip: from n/a through 1.6.6. | ||||
| CVE-2025-48319 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gslauraspeck Mesa Mesa Reservation Widget allows Stored XSS. This issue affects Mesa Mesa Reservation Widget: from n/a through 1.0.0. | ||||
| CVE-2025-48327 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 5.3 Medium |
| Missing Authorization vulnerability in inkthemes WP Mailgun SMTP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP Mailgun SMTP: from n/a through 1.0.7. | ||||
| CVE-2025-48351 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in PluginsPoint Kento Splash Screen allows Stored XSS. This issue affects Kento Splash Screen: from n/a through 1.4. | ||||
| CVE-2025-48352 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sitesearch-yandex Yandex Site search pinger allows Stored XSS. This issue affects Yandex Site search pinger: from n/a through 1.5. | ||||
| CVE-2025-48354 | 2 Elementor, Wordpress | 2 Elementor, Wordpress | 2025-08-29 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Smart Widgets Better Post & Filter Widgets for Elementor allows Stored XSS. This issue affects Better Post & Filter Widgets for Elementor: from n/a through 1.6.0. | ||||
| CVE-2025-48356 | 1 Wordpress | 1 Wordpress | 2025-08-29 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Isra Kanpress allows Stored XSS. This issue affects Kanpress: from n/a through 1.1. | ||||