Export limit exceeded: 347065 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347065 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31407 | 2026-04-28 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hutsixdigital Tiger allows Stored XSS.This issue affects Tiger: from n/a through 2.0. | ||||
| CVE-2025-31398 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in themeton PIMP - Creative MultiPurpose allows Object Injection. This issue affects PIMP - Creative MultiPurpose: from n/a through 1.7. | ||||
| CVE-2025-31396 | 2026-04-28 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in themeton FLAP - Business WordPress Theme allows Object Injection. This issue affects FLAP - Business WordPress Theme: from n/a through 1.5. | ||||
| CVE-2025-31384 | 2026-04-28 | 7.1 High | ||
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Aviplugins Videos allows Reflected XSS.This issue affects Videos: from n/a through 1.0.5. | ||||
| CVE-2025-31101 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vault Group Pty Ltd VaultRE Contact Form 7 allows Stored XSS.This issue affects VaultRE Contact Form 7: from n/a through 1.0. | ||||
| CVE-2025-31100 | 2 Mojoomla, Wordpress | 2 School Management, Wordpress | 2026-04-28 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Mojoomla School Management allows Upload a Web Shell to a Web Server.This issue affects School Management: from n/a through 1.93.1 (02-07-2025). | ||||
| CVE-2025-31071 | 2026-04-28 | 5.3 Medium | ||
| Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4. | ||||
| CVE-2025-31069 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Object Injection. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4. | ||||
| CVE-2025-31068 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in themeton Seven Stars allows Cross Site Request Forgery. This issue affects Seven Stars: from n/a through 1.4.4. | ||||
| CVE-2025-31067 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themeton Seven Stars allows Stored XSS. This issue affects Seven Stars: from n/a through 1.4.4. | ||||
| CVE-2025-31065 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.3 Medium |
| Missing Authorization vulnerability in themeton Rozario allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rozario: from n/a through 1.4. | ||||
| CVE-2025-31054 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Themefy Bloggie allows Reflected XSS.This issue affects Bloggie: from n/a through 2.0.8. | ||||
| CVE-2025-31051 | 2 Engotheme, Wordpress | 2 Plant, Wordpress | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EngoTheme Plant - Gardening & Houseplants WordPress Theme allows Retrieve Embedded Sensitive Data.This issue affects Plant - Gardening & Houseplants WordPress Theme: from n/a through 1.0.0. | ||||
| CVE-2025-31049 | 2026-04-28 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This issue affects Dash: from n/a through 1.3. | ||||
| CVE-2025-31048 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4. | ||||
| CVE-2025-31047 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0. | ||||
| CVE-2025-31046 | 2 Wordpress, Wpvibes | 2 Wordpress, Anywhere Elementor | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in WPvibes AnyWhere Elementor Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyWhere Elementor Pro: from n/a through 2.29. | ||||
| CVE-2025-31044 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team Premium SEO Pack allows SQL Injection.This issue affects Premium SEO Pack: from n/a through 3.3.2. | ||||
| CVE-2025-31027 | 1 Jocoxdesign | 1 Tiger | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jocoxdesign Tiger tiger allows Reflected XSS.This issue affects Tiger: from n/a through 2.0. | ||||
| CVE-2025-30996 | 2 Themify, Wordpress | 10 Bloggie, Edmin, Folo and 7 more | 2026-04-28 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.This issue affects Themify Sidepane WordPress Theme: from n/a through 1.9.8; Themify Newsy: from n/a through 1.9.9; Themify Folo: from n/a through 1.9.6; Themify Edmin: from n/a through 2.0.0; Bloggie: from n/a through 2.0.8; Photobox: from n/a through 2.0.1; Wigi: from n/a through 2.0.1; Rezo: from n/a through 1.9.7; Slide: from n/a through 1.7.5. | ||||