Export limit exceeded: 338959 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (338959 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22295 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tripetto WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto tripetto allows Stored XSS.This issue affects WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto: from n/a through <= 8.0.6. | ||||
| CVE-2025-22294 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in theme funda Custom Field For WP Job Manager custom-field-for-wp-job-manager allows Reflected XSS.This issue affects Custom Field For WP Job Manager: from n/a through <= 1.3. | ||||
| CVE-2025-22293 | 2 Gutentor, Wordpress | 2 Gutentor, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gutentor Gutentor gutentor allows DOM-Based XSS.This issue affects Gutentor: from n/a through <= 3.4.3. | ||||
| CVE-2025-22292 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Felipe Peixoto Powerful Auto Chat powers-triggers-of-woo-to-chat allows Stored XSS.This issue affects Powerful Auto Chat: from n/a through <= 1.9.8. | ||||
| CVE-2025-22291 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – Worldwide Express Edition ltl-freight-quotes-worldwide-express-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through <= 5.0.20. | ||||
| CVE-2025-22290 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology LTL Freight Quotes – FreightQuote Edition ltl-freight-quotes-freightquote-edition allows SQL Injection.This issue affects LTL Freight Quotes – FreightQuote Edition: from n/a through <= 2.3.11. | ||||
| CVE-2025-22289 | 1 Eniture | 1 Ltl Freight Quotes | 2026-04-01 | 9.8 Critical |
| Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – Unishippers Edition ltl-freight-quotes-unishippers-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – Unishippers Edition: from n/a through <= 2.5.8. | ||||
| CVE-2025-22287 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – FreightQuote Edition ltl-freight-quotes-freightquote-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – FreightQuote Edition: from n/a through <= 2.3.11. | ||||
| CVE-2025-22286 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes – Worldwide Express Edition ltl-freight-quotes-worldwide-express-edition allows Reflected XSS.This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through <= 5.0.21. | ||||
| CVE-2025-22285 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in enituretechnology Pallet Packaging for WooCommerce pallet-packaging-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pallet Packaging for WooCommerce: from n/a through <= 1.1.15. | ||||
| CVE-2025-22284 | 1 Eniture | 1 Ltl Freight Quotes | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes – Unishippers Edition ltl-freight-quotes-unishippers-edition allows Reflected XSS.This issue affects LTL Freight Quotes – Unishippers Edition: from n/a through <= 2.5.8. | ||||
| CVE-2025-22283 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Riyaz GetSocial getsocial allows Reflected XSS.This issue affects GetSocial: from n/a through <= 2.0.1. | ||||
| CVE-2025-22282 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in keksdieb ez Form Calculator Premium ez-form-calculator-premium allows Reflected XSS.This issue affects ez Form Calculator Premium: from n/a through <= 2.14.1.2. | ||||
| CVE-2025-22281 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in joshix Simplish simplish allows Stored XSS.This issue affects Simplish: from n/a through <= 2.6.4. | ||||
| CVE-2025-22280 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in revmakx DefendWP Firewall defend-wp-firewall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DefendWP Firewall: from n/a through <= 1.1.0. | ||||
| CVE-2025-22279 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetCompareWishlist jet-compare-wishlist allows PHP Local File Inclusion.This issue affects JetCompareWishlist: from n/a through <= 1.5.9. | ||||
| CVE-2025-22277 | 2026-04-01 | N/A | ||
| Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos vitepos-lite allows Authentication Abuse.This issue affects Vitepos: from n/a through <= 3.1.4. | ||||
| CVE-2025-22276 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enguerranws Related Post Shortcode related-post-shortcode allows Stored XSS.This issue affects Related Post Shortcode: from n/a through <= 1.2. | ||||
| CVE-2025-22269 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShapedPlugin LLC Real Testimonials testimonial-free allows Stored XSS.This issue affects Real Testimonials: from n/a through <= 3.1.6. | ||||
| CVE-2025-22268 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash uncanny-learndash-toolkit allows Stored XSS.This issue affects Uncanny Toolkit for LearnDash: from n/a through <= 3.7.0.1. | ||||