CVEs and Security Vulnerabilities

Export limit exceeded: 45576 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45576 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-58020	2 Jeroen Schmit, Wordpress	2 Theater For Wordpress, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress theatre allows Stored XSS.This issue affects Theater for WordPress: from n/a through <= 0.18.8.
CVE-2025-58019	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Search Atlas Group Search Atlas SEO metasync allows Stored XSS.This issue affects Search Atlas SEO: from n/a through <= 2.5.4.
CVE-2025-58018	2 Richard Leishman, Wordpress	2 Mail Subscribe List, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard Leishman Mail Subscribe List mail-subscribe-list allows Stored XSS.This issue affects Mail Subscribe List: from n/a through <= 2.1.10.
CVE-2025-58017	2 Bdthemes, Wordpress	2 Utlimate Store Kit Elementor Addons, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through <= 2.8.6.
CVE-2025-58008	2 Wordpress, Xnau	2 Wordpress, Participants Database	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xnau webdesign Participants Database participants-database allows Stored XSS.This issue affects Participants Database: from n/a through <= 2.7.6.3.
CVE-2025-58002	2 Bbpress, Wordpress	2 Bbpress, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Milan Petrovic GD bbPress Tools gd-bbpress-tools allows DOM-Based XSS.This issue affects GD bbPress Tools: from n/a through <= 3.5.3.
CVE-2025-58001	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Compact Archives compact-archives allows Stored XSS.This issue affects Compact Archives: from n/a through <= 4.1.0.
CVE-2025-57999	2 Wordpress, Wpkoi	2 Wordpress, Wpkoi Templates For Elementor	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows DOM-Based XSS.This issue affects WPKoi Templates for Elementor: from n/a through <= 3.4.3.
CVE-2025-57998	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hamid Reza Yazdani E-namad & Shamed Logo Manager e-namad-shamed-logo-manager allows Stored XSS.This issue affects E-namad & Shamed Logo Manager: from n/a through <= 2.2.
CVE-2025-57996	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matthewordie Buckets buckets allows Stored XSS.This issue affects Buckets: from n/a through <= 0.3.9.
CVE-2025-57993	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Pick Geolocation IP Detection geoip-detect allows Stored XSS.This issue affects Geolocation IP Detection: from n/a through <= 5.5.0.
CVE-2025-57989	2 Brajesh Singh, Wordpress	2 Wordpress Widgets Shortcode, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brajesh Singh WordPress Widgets Shortcode wp-widgets-shortcode allows Stored XSS.This issue affects WordPress Widgets Shortcode: from n/a through <= 1.0.3.
CVE-2025-57988	2 Uncannyowl, Wordpress	2 Uncanny Toolkit For Learndash, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash uncanny-learndash-toolkit allows Stored XSS.This issue affects Uncanny Toolkit for LearnDash: from n/a through <= 3.7.0.3.
CVE-2025-57986	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in husani WP Subtitle wp-subtitle allows Stored XSS.This issue affects WP Subtitle: from n/a through <= 3.4.1.
CVE-2025-57982	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBean Advance Portfolio Grid advance-portfolio-grid allows Stored XSS.This issue affects Advance Portfolio Grid: from n/a through <= 1.07.6.
CVE-2025-57981	2 Catchsquare, Wordpress	2 Wp Social Widget, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.3.1.
CVE-2025-57980	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas Cordero Safety Exit safety-exit allows Stored XSS.This issue affects Safety Exit: from n/a through <= 1.8.0.
CVE-2025-57979	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson AuthorSure authorsure allows Stored XSS.This issue affects AuthorSure: from n/a through <= 2.3.
CVE-2025-57974	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tuyennv TZ PlusGallery tz-plus-gallery allows Stored XSS.This issue affects TZ PlusGallery: from n/a through <= 1.5.5.
CVE-2025-57973	1 Wordpress	1 Wordpress	2026-04-23	5.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chad Butler WP-Members wp-members allows Stored XSS.This issue affects WP-Members: from n/a through <= 3.5.4.2.

« first previous Page 32 of 2279. next last »