Export limit exceeded: 17153 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47520 | 2025-05-08 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Charitable allows Stored XSS. This issue affects Charitable: from n/a through 1.8.5.1. | ||||
| CVE-2025-47518 | 2025-05-08 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on allows Stored XSS. This issue affects Contact Form 7 – PayPal & Stripe Add-on: from n/a through 2.3.4. | ||||
| CVE-2025-47514 | 2025-05-08 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Eli ELI's Related Posts Footer Links and Widget allows Stored XSS. This issue affects ELI's Related Posts Footer Links and Widget: from n/a through 1.2.04.20. | ||||
| CVE-2025-47493 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ultimate Blocks Ultimate Blocks allows DOM-Based XSS. This issue affects Ultimate Blocks: from n/a through 3.2.9. | ||||
| CVE-2025-47473 | 2025-05-08 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in pimwick PW WooCommerce Bulk Edit allows Cross Site Request Forgery. This issue affects PW WooCommerce Bulk Edit: from n/a through 2.134. | ||||
| CVE-2025-47472 | 2025-05-08 | 5.4 Medium | ||
| Missing Authorization vulnerability in codepeople Music Player for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Music Player for WooCommerce: from n/a through 1.5.1. | ||||
| CVE-2025-47460 | 2025-05-08 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TrackShip TrackShip for WooCommerce allows SQL Injection. This issue affects TrackShip for WooCommerce: from n/a through 1.9.1. | ||||
| CVE-2025-47442 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CC CC BMI Calculator allows Stored XSS. This issue affects CC BMI Calculator: from n/a through 2.1.0. | ||||
| CVE-2025-47466 | 2025-05-08 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate WP Mail allows Cross Site Request Forgery. This issue affects Ultimate WP Mail: from n/a through 1.3.4. | ||||
| CVE-2025-47439 | 2025-05-08 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Chill Download Monitor allows PHP Local File Inclusion. This issue affects Download Monitor: from n/a through 5.0.22. | ||||
| CVE-2025-47681 | 2025-05-08 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ability, Inc Web Accessibility with Max Access allows Cross Site Request Forgery. This issue affects Web Accessibility with Max Access: from n/a through 2.0.9. | ||||
| CVE-2025-47679 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RS WP THEMES RS WP Book Showcase allows DOM-Based XSS. This issue affects RS WP Book Showcase: from n/a through 6.7.40. | ||||
| CVE-2025-47677 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gt3themes Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery allows Stored XSS. This issue affects Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery: from n/a through 2.7.7.25. | ||||
| CVE-2025-47675 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woobox Woobox allows DOM-Based XSS. This issue affects Woobox: from n/a through 1.6. | ||||
| CVE-2025-47669 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap allows DOM-Based XSS. This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through 1.1.12. | ||||
| CVE-2025-47661 | 2025-05-08 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in codemstory 워드프레스 결제 심플페이 allows Cross Site Request Forgery. This issue affects 워드프레스 결제 심플페이: from n/a through 5.2.11. | ||||
| CVE-2025-47659 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements allows Stored XSS. This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through 1.0.4.1. | ||||
| CVE-2025-47656 | 2025-05-08 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spiraclethemes Spiraclethemes Site Library allows Stored XSS. This issue affects Spiraclethemes Site Library: from n/a through 1.4.0. | ||||
| CVE-2025-47648 | 2025-05-08 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in axima Pays – WooCommerce Payment Gateway allows Stored XSS. This issue affects Pays – WooCommerce Payment Gateway: from n/a through 2.6. | ||||
| CVE-2025-47644 | 2025-05-08 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form allows Phishing. This issue affects Integrations of Zoho CRM with Elementor form: from n/a through 1.0.7. | ||||