Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47516 | 2025-05-08 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Time Clock allows Stored XSS. This issue affects Time Clock: from n/a through 1.2.3. | ||||
| CVE-2025-47510 | 2025-05-08 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fullworks Display Eventbrite Events allows PHP Local File Inclusion. This issue affects Display Eventbrite Events: from n/a through n/a. | ||||
| CVE-2025-47480 | 2025-05-08 | 5.4 Medium | ||
| Missing Authorization vulnerability in Iqonic Design Graphina allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Graphina: from n/a through 3.0.4. | ||||
| CVE-2025-47475 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artbees JupiterX Core allows Stored XSS. This issue affects JupiterX Core: from n/a through 4.8.11. | ||||
| CVE-2025-47467 | 2025-05-08 | 4.3 Medium | ||
| Missing Authorization vulnerability in GS Plugins GS Testimonial Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GS Testimonial Slider: from n/a through 3.3.0. | ||||
| CVE-2025-47464 | 2025-05-08 | 4.9 Medium | ||
| Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra allows Server Side Request Forgery. This issue affects Solace Extra: from n/a through 1.3.1. | ||||
| CVE-2025-47459 | 2025-05-08 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in XpeedStudio WP Fundraising Donation and Crowdfunding Platform allows Cross Site Request Forgery. This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.7.3. | ||||
| CVE-2025-47456 | 2025-05-08 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms Zendesk allows Phishing. This issue affects WP Gravity Forms Zendesk: from n/a through 1.1.2. | ||||
| CVE-2025-47454 | 2025-05-08 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms Dynamics CRM allows Phishing. This issue affects WP Gravity Forms Dynamics CRM: from n/a through 1.1.4. | ||||
| CVE-2025-47450 | 2025-05-08 | 5.3 Medium | ||
| Missing Authorization vulnerability in Mitchell Bennis Simple File List allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple File List: from n/a through 6.1.13. | ||||
| CVE-2025-47449 | 2025-05-08 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Meow Gallery allows Stored XSS. This issue affects Meow Gallery: from n/a through 5.2.7. | ||||
| CVE-2025-47443 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Widget Countdown allows Stored XSS. This issue affects Widget Countdown: from n/a through 2.7.4. | ||||
| CVE-2025-47455 | 2025-05-08 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Salesforce allows Phishing. This issue affects Integration for WooCommerce and Salesforce: from n/a through 1.7.5. | ||||
| CVE-2025-47533 | 2025-05-08 | 8.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design Graphina allows PHP Local File Inclusion. This issue affects Graphina: from n/a through 3.0.4. | ||||
| CVE-2025-47526 | 2025-05-08 | 5.4 Medium | ||
| Missing Authorization vulnerability in GS Plugins GS Variation Swatches for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GS Variation Swatches for WooCommerce: from n/a through 3.0.4. | ||||
| CVE-2025-47451 | 2025-05-08 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Product Quantity Dropdown For Woocommerce allows Cross Site Request Forgery. This issue affects Product Quantity Dropdown For Woocommerce: from n/a through 1.2. | ||||
| CVE-2025-47441 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Reynolds Progress Bar allows Stored XSS. This issue affects Progress Bar: from n/a through 2.2.3. | ||||
| CVE-2025-47525 | 2025-05-08 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder allows Stored XSS. This issue affects Bold Page Builder: from n/a through 5.3.0. | ||||
| CVE-2025-47496 | 2025-05-08 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PublishPress PublishPress Authors allows PHP Local File Inclusion. This issue affects PublishPress Authors: from n/a through 4.7.5. | ||||
| CVE-2025-47476 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org Cost Calculator for Elementor allows DOM-Based XSS. This issue affects Cost Calculator for Elementor: from n/a through 1.3.3. | ||||