Export limit exceeded: 10162 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10162 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 11973 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11973 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23990 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in jablonczay Scroll Styler scroll-styler.This issue affects Scroll Styler: from n/a through <= 1.1. | ||||
| CVE-2025-23989 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Internal Link Builder internal-link-builder allows Cross Site Request Forgery.This issue affects Internal Link Builder: from n/a through <= 1.0. | ||||
| CVE-2025-23988 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno Cavalcante ghostwriter ghostwriter allows Reflected XSS.This issue affects ghostwriter: from n/a through <= 1.4. | ||||
| CVE-2025-23987 | 2 Codegearthemes, Wordpress | 2 Designer, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codegearthemes Designer designer allows DOM-Based XSS.This issue affects Designer: from n/a through <= 1.6.4. | ||||
| CVE-2025-23986 | 2 Fyrewurks, Wordpress | 2 Tiki Time, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyrewurks Tiki Time tiki-time allows Reflected XSS.This issue affects Tiki Time: from n/a through <= 1.3. | ||||
| CVE-2025-23984 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brainvireinfo Dynamic URL SEO dynamic-url-seo allows Reflected XSS.This issue affects Dynamic URL SEO: from n/a through <= 1.0. | ||||
| CVE-2025-23980 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in James Andrews Full Circle full-circle allows Stored XSS.This issue affects Full Circle: from n/a through <= 0.5.7.8. | ||||
| CVE-2025-23979 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in duwasai Flashy flashy allows Reflected XSS.This issue affects Flashy: from n/a through <= 1.2.1. | ||||
| CVE-2025-23978 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Ninos FlashCounter flashcounter allows Stored XSS.This issue affects FlashCounter: from n/a through <= 1.1.8. | ||||
| CVE-2025-23976 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in operationsissuu Issuu Panel issuu-panel allows Stored XSS.This issue affects Issuu Panel: from n/a through <= 2.1.1. | ||||
| CVE-2025-23975 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cheesefather Botnet Attack Blocker botnet-attack-blocker allows Stored XSS.This issue affects Botnet Attack Blocker: from n/a through <= 2.0.0. | ||||
| CVE-2025-23971 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KI Live Video Conferences: from n/a through <= 5.5.15. | ||||
| CVE-2025-23970 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking sf-booking allows Privilege Escalation.This issue affects Service Finder Booking: from n/a through <= 6.1. | ||||
| CVE-2025-23969 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.3 Medium |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Retrieve Embedded Sensitive Data.This issue affects KI Live Video Conferences: from n/a through <= 5.5.15. | ||||
| CVE-2025-23968 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in WebFactory AiBud WP aibuddy-openai-chatgpt allows Upload a Web Shell to a Web Server.This issue affects AiBud WP: from n/a through <= 1.9. | ||||
| CVE-2025-23964 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ajitae Google Plus google-plus-google allows Reflected XSS.This issue affects Google Plus: from n/a through <= 1.0.2. | ||||
| CVE-2025-23963 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in flymke Mark Posts mark-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through <= 2.2.4. | ||||
| CVE-2025-23960 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in basteln3rk Save & Import Image from URL save-import-image-from-url allows Reflected XSS.This issue affects Save & Import Image from URL: from n/a through <= 0.7. | ||||
| CVE-2025-23958 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in FADI MED Editor Wysiwyg Background Color editor-wysiwyg-background-color allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Editor Wysiwyg Background Color: from n/a through <= 1.0. | ||||
| CVE-2025-23957 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in surdotly Sur.ly surly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sur.ly: from n/a through <= 3.0.3. | ||||