Export limit exceeded: 334673 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 334673 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 334673 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334673 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22791 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in twh offset writing allows Reflected XSS.This issue affects offset writing: from n/a through 1.2. | ||||
| CVE-2025-39459 | 2025-05-21 | 7.3 High | ||
| Incorrect Privilege Assignment vulnerability in Contempo Themes Real Estate 7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through 3.5.2. | ||||
| CVE-2025-39454 | 2025-05-21 | 4.3 Medium | ||
| Missing Authorization vulnerability in Jeroen Peters Name Directory.This issue affects Name Directory: from n/a through 1.30.0. | ||||
| CVE-2025-39450 | 2025-05-21 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetTabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through 2.2.7. | ||||
| CVE-2025-39411 | 2025-05-21 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Indie_Plugins WhatsApp Click to Chat Plugin for WordPress.This issue affects WhatsApp Click to Chat Plugin for WordPress: from n/a through 2.2.12. | ||||
| CVE-2025-39410 | 2025-05-21 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8. | ||||
| CVE-2025-39409 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pressaholic WordPress Video Robot - The Ultimate Video Importer.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0. | ||||
| CVE-2025-23983 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tijaji allows Reflected XSS.This issue affects Tijaji: from n/a through 1.43. | ||||
| CVE-2025-23981 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takimi Themes CarZine allows Reflected XSS.This issue affects CarZine: from n/a through 1.4.6. | ||||
| CVE-2025-39406 | 2025-05-21 | 9.8 Critical | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in mojoomla WPAMS allows PHP Local File Inclusion.This issue affects WPAMS: from n/a through 44.0. | ||||
| CVE-2025-39405 | 2025-05-21 | 8.8 High | ||
| Incorrect Privilege Assignment vulnerability in mojoomla WPAMS allows Privilege Escalation.This issue affects WPAMS: from n/a through 44.0 (17-08-2023). | ||||
| CVE-2025-39403 | 2025-05-21 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPAMS allows SQL Injection.This issue affects WPAMS: from n/a through 44.0 (17-08-2023). | ||||
| CVE-2025-39394 | 2025-05-21 | 5.3 Medium | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Solid Plugins AnalyticsWP allows Retrieve Embedded Sensitive Data.This issue affects AnalyticsWP: from n/a through 2.1.2. | ||||
| CVE-2025-39393 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla Hospital Management System allows Reflected XSS.This issue affects Hospital Management System: from n/a through 47.0 (20-11-2023). | ||||
| CVE-2025-39388 | 2025-05-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in Solid Plugins AnalyticsWP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AnalyticsWP: from n/a through 2.0.0. | ||||
| CVE-2025-39374 | 2025-05-21 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in aseem1234 Best Posts Summary allows Stored XSS.This issue affects Best Posts Summary: from n/a through 1.0. | ||||
| CVE-2025-39373 | 2025-05-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in jegtheme JNews.This issue affects JNews: from n/a through 11.6.5. | ||||
| CVE-2025-39371 | 2025-05-21 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sanjeev Mohindra Author Box Plugin With Different Description allows Cross Site Request Forgery.This issue affects Author Box Plugin With Different Description: from n/a through 1.3.5. | ||||
| CVE-2025-39365 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rocket Apps wProject allows Reflected XSS.This issue affects wProject: from n/a before 5.8.0. | ||||
| CVE-2025-22789 | 2025-05-21 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyrewurks polka dots allows Reflected XSS.This issue affects polka dots: from n/a through 1.2. | ||||