CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45565 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-53466	2 Codesolz, Wordpress	2 Better Find And Replace, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeSolz Better Find and Replace real-time-auto-find-and-replace allows Stored XSS.This issue affects Better Find and Replace: from n/a through <= 1.7.6.
CVE-2025-53464	2 Ironikus, Wordpress	2 Wp Mailto Links, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Online Optimisation WP Mailto Links wp-mailto-links allows Stored XSS.This issue affects WP Mailto Links: from n/a through <= 3.1.4.
CVE-2025-53463	3 Ht Plugins, Wordpress, Wpbakery	4 Absolute Addons For Wpbakery Page Builder, Wordpress, Page Builder and 1 more	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder ht-mega-for-wpbakery allows DOM-Based XSS.This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through <= 1.0.9.
CVE-2025-53462	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SAPO SAPO Feed sapo-feed allows Stored XSS.This issue affects SAPO Feed: from n/a through <= 2.4.2.
CVE-2025-53460	2 Affiliatewp, Wordpress	2 Affiliatewp, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi AffiliateWP – External Referral Links affiliatewp-external-referral-links allows Stored XSS.This issue affects AffiliateWP – External Referral Links: from n/a through <= 1.2.0.
CVE-2025-53458	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in davaxi Goracash goracash allows Stored XSS.This issue affects Goracash: from n/a through <= 1.1.
CVE-2025-53455	3 Cashbill, Woocommerce, Wordpress	3 Cashbill Woocommerce, Woocommerce, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CashBill CashBill.pl – Płatności WooCommerce cashbill-payment-method allows Stored XSS.This issue affects CashBill.pl – Płatności WooCommerce: from n/a through <= 3.2.1.
CVE-2025-53454	2 Rustaurius, Wordpress	2 Ultimate Wp Mail, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Stored XSS.This issue affects Ultimate WP Mail: from n/a through <= 1.3.8.
CVE-2025-53426	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Likert Survey Master likert-survey-master allows Reflected XSS.This issue affects Likert Survey Master: from n/a through <= 0.8.0.1.
CVE-2025-53349	2 Laborator, Wordpress	2 Kalium, Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through <= 3.18.3.
CVE-2025-53342	2 Goodlayers, Wordpress	2 Modernize, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Modernize modernize allows Stored XSS.This issue affects Modernize: from n/a through <= 3.4.0.
CVE-2025-53336	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in abditsori My Resume Builder my-resume-builder allows Stored XSS.This issue affects My Resume Builder: from n/a through <= 1.0.3.
CVE-2025-53330	2 Wordpress, Wpestate	2 Wordpress, Wp Rentals	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals wprentals allows Stored XSS.This issue affects WP Rentals: from n/a through <= 3.16.1.
CVE-2025-53325	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dilip kumar Beauty Contact Popup Form beauty-contact-popup-form allows Stored XSS.This issue affects Beauty Contact Popup Form: from n/a through <= 6.0.
CVE-2025-53324	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeYatri Gutenify gutenify allows Stored XSS.This issue affects Gutenify: from n/a through <= 1.5.7.
CVE-2025-53321	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raise The Money Raise The Money raise-the-money allows DOM-Based XSS.This issue affects Raise The Money: from n/a through <= 5.2.
CVE-2025-53320	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wp Enhanced Free Downloads EDD free-downloads-edd allows DOM-Based XSS.This issue affects Free Downloads EDD: from n/a through <= 1.0.4.
CVE-2025-53307	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Beaver Builder WordPress Assistant assistant allows Reflected XSS.This issue affects WordPress Assistant: from n/a through <= 1.5.2.
CVE-2025-53301	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Junkie Theme Junkie Team Content theme-junkie-team-content allows DOM-Based XSS.This issue affects Theme Junkie Team Content: from n/a through <= 0.1.1.
CVE-2025-53300	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in douglaskarr Podcast Feed Player Widget and Shortcode podcast-feed-player-widget allows Stored XSS.This issue affects Podcast Feed Player Widget and Shortcode: from n/a through <= 2.2.0.

« first previous Page 28 of 2279. next last »