Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11887 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-22642 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtowebsites Dynamic Conditions dynamicconditions allows Stored XSS.This issue affects Dynamic Conditions: from n/a through <= 1.7.4.
CVE-2025-22641 1 Wordpress 1 Wordpress 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prem Tiwari FM Notification Bar fm-notification-bar allows Stored XSS.This issue affects FM Notification Bar: from n/a through <= 1.0.4.
CVE-2025-22636 1 Wordpress 1 Wordpress 2026-04-23 8.2 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vicente Ruiz Gálvez VR-Frases vr-frases allows Reflected XSS.This issue affects VR-Frases: from n/a through <= 4.0.1.
CVE-2025-22595 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yamna Khawaja Mailing Group Listserv wp-mailing-group allows Reflected XSS.This issue affects Mailing Group Listserv: from n/a through <= 2.0.9.
CVE-2025-22594 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hccoder Better User Shortcodes better-user-shortcodes allows Reflected XSS.This issue affects Better User Shortcodes: from n/a through <= 1.0.
CVE-2025-22593 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in burria Laika Pedigree Tree laika-pedigree-tree allows Stored XSS.This issue affects Laika Pedigree Tree: from n/a through <= 1.4.
CVE-2025-22592 2 Lenderd, Wordpress 2 1003 Mortgage Application, Wordpress 2026-04-23 7.5 High
Missing Authorization vulnerability in 8blocks 1003 Mortgage Application 1003-mortgage-application allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 1003 Mortgage Application: from n/a through <= 1.87.
CVE-2025-22591 2 Lenderd, Wordpress 2 1003 Mortgage Application, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in 8blocks 1003 Mortgage Application 1003-mortgage-application allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 1003 Mortgage Application: from n/a through <= 1.87.
CVE-2025-22586 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dstoever WPEX Replace DB Urls wpex-replace allows Reflected XSS.This issue affects WPEX Replace DB Urls: from n/a through <= 0.4.0.
CVE-2025-22582 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Scott Nelle Uptime Robot uptime-robot allows Stored XSS.This issue affects Uptime Robot: from n/a through <= 0.1.3.
CVE-2025-22581 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bytephp Arcade Ready arcadeready allows Stored XSS.This issue affects Arcade Ready: from n/a through <= 1.1.
CVE-2025-22579 1 Wordpress 1 Wordpress 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arefly WP Header Notification wp-header-notification allows Stored XSS.This issue affects WP Header Notification: from n/a through <= 1.2.7.
CVE-2025-22577 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Damion Armentrout Able Player wp-able-player allows DOM-Based XSS.This issue affects Able Player: from n/a through <= 1.0.
CVE-2025-22576 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcus Downing Site PIN site-pin allows Reflected XSS.This issue affects Site PIN: from n/a through <= 1.3.
CVE-2025-22575 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in extendyourweb SUPER RESPONSIVE SLIDER super-slider allows Reflected XSS.This issue affects SUPER RESPONSIVE SLIDER: from n/a through <= 1.4.
CVE-2025-22574 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cleanshooter ICS Button ics-button allows Stored XSS.This issue affects ICS Button: from n/a through <= 0.6.
CVE-2025-22573 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in copist Icons Enricher icons-enricher allows Stored XSS.This issue affects Icons Enricher: from n/a through <= 1.0.8.
CVE-2025-22572 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Legacy ePlayer sportspress-tv allows Stored XSS.This issue affects Legacy ePlayer: from n/a through <= 0.9.9.
CVE-2025-22570 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mdjekic Inline Tweets inline-tweets allows Stored XSS.This issue affects Inline Tweets: from n/a through <= 2.0.
CVE-2025-22568 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arete-it Post And Page Reactions post-and-page-reactions allows Reflected XSS.This issue affects Post And Page Reactions: from n/a through <= 1.0.5.