CVEs and Security Vulnerabilities

Export limit exceeded: 45556 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45556 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-58632	2 Dadevarzan, Wordpress	2 Wordpress Common Plugin, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dadevarzan Dadevarzan WordPress Common dadevarzan-common allows Stored XSS.This issue affects Dadevarzan WordPress Common: from n/a through <= 2.2.2.
CVE-2025-58631	2 Wordpress, Zeen101	2 Wordpress, Issuem Plugin	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZEEN101 IssueM issuem allows DOM-Based XSS.This issue affects IssueM: from n/a through <= 2.9.0.
CVE-2025-58630	2 Rbaer, Wordpress	2 Simple Matomo Tracking Code Plugin, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rbaer Simple Matomo Tracking Code simple-matomo-tracking-code allows Stored XSS.This issue affects Simple Matomo Tracking Code: from n/a through <= 1.1.0.
CVE-2025-58626	2 Rumbletalk, Wordpress	2 Live Group Chat Plugin, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Stored XSS.This issue affects RumbleTalk Live Group Chat: from n/a through <= 6.3.5.
CVE-2025-58625	2 Spiffyplugins, Wordpress	2 Wp Flow Plus, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from n/a through <= 5.2.5.
CVE-2025-58624	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in falselight Exchange Rates exchange-rates allows Stored XSS.This issue affects Exchange Rates: from n/a through <= 1.2.5.
CVE-2025-58623	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bohemia Plugins Event Feed for Eventbrite event-feed-for-eventbrite allows DOM-Based XSS.This issue affects Event Feed for Eventbrite: from n/a through <= 1.3.2.
CVE-2025-58621	2 Amuse Labs, Wordpress	2 Puzzleme Plugin, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amuse Labs PuzzleMe for WordPress puzzleme allows Stored XSS.This issue affects PuzzleMe for WordPress: from n/a through <= 1.2.0.
CVE-2025-58620	2 Wordpress, Wpforms	2 Wordpress, Wpforms	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Stored XSS.This issue affects PDF for WPForms: from n/a through <= 6.2.1.
CVE-2025-58618	2 Jonathanjernigan, Wordpress	2 Pie Calendar, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonathan Jernigan Pie Calendar pie-calendar allows DOM-Based XSS.This issue affects Pie Calendar: from n/a through <= 1.2.8.
CVE-2025-58614	2 Tooltipy, Wordpress	2 Tooltipy, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jamel.Z Tooltipy bluet-keywords-tooltip-generator allows Stored XSS.This issue affects Tooltipy: from n/a through <= 5.5.6.
CVE-2025-58612	2 Propertyhive, Wordpress	2 Propertyhive, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Property Hive PropertyHive propertyhive allows Stored XSS.This issue affects PropertyHive: from n/a through <= 2.1.5.
CVE-2025-58610	2 Wordpress, Wpchill	2 Wordpress, Gallery Photoblocks	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Gallery PhotoBlocks photoblocks-grid-gallery allows Stored XSS.This issue affects Gallery PhotoBlocks: from n/a through <= 1.3.1.
CVE-2025-58609	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Stored XSS.This issue affects Latest Post Shortcode: from n/a through <= 14.0.3.
CVE-2025-58607	2 Gdprinfo, Wordpress	2 Cookie Notice & Consent Banner For Gdpr & Ccpa Compliance, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GDPR Info Cookie Notice & Consent Banner for GDPR & CCPA Compliance cookie-notice-and-consent-banner allows Stored XSS.This issue affects Cookie Notice & Consent Banner for GDPR & CCPA Compliance: from n/a through <= 1.7.11.
CVE-2025-58605	2 Wordpress, Wpdelicious	2 Wordpress, Wp Delicious	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Delicious WP Delicious delicious-recipes allows Stored XSS.This issue affects WP Delicious: from n/a through <= 1.8.7.
CVE-2025-58602	2 If-so, Wordpress	3 Dynamic Content Personalization, If-so, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in If-So Dynamic Content If-So Dynamic Content Personalization if-so allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through <= 1.9.4.
CVE-2025-58596	2 Mailoptin, Wordpress	2 Mailoptin, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in properfraction MailOptin mailoptin allows Stored XSS.This issue affects MailOptin: from n/a through <= 1.2.75.0.
CVE-2025-58593	2 Themeisle, Wordpress	2 Orbit Fox, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Orbit Fox by ThemeIsle themeisle-companion allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through <= 3.0.0.
CVE-2025-58271	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AnyClip Video Platform AnyClip Luminous Studio anyclip-media allows Stored XSS.This issue affects AnyClip Luminous Studio: from n/a through <= 1.3.3.

« first previous Page 18 of 2278. next last »