Export limit exceeded: 351450 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 46005 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46005 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68533 | 2 Hasthemes, Wordpress | 2 Wc Builder, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WC Builder wc-builder allows Stored XSS.This issue affects WC Builder: from n/a through <= 1.2.0. | ||||
| CVE-2025-67627 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TouchOfTech Draft Notify draft-notify allows Stored XSS.This issue affects Draft Notify: from n/a through <= 1.5. | ||||
| CVE-2025-67628 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AMP-MODE Review Disclaimer review-disclaimer allows Stored XSS.This issue affects Review Disclaimer: from n/a through <= 2.0.3. | ||||
| CVE-2025-67629 | 2 Basticom, Wordpress | 2 Framework, Wordpress | 2026-04-24 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Basticom Basticom Framework basticom-framework allows Stored XSS.This issue affects Basticom Framework: from n/a through <= 1.5.2. | ||||
| CVE-2025-67630 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webheadcoder WH Tweaks wh-tweaks allows Stored XSS.This issue affects WH Tweaks: from n/a through <= 1.0.2. | ||||
| CVE-2025-67631 | 2 Ecommerce Platforms, Wordpress | 2 Gift Hunt, Wordpress | 2026-04-24 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ecommerce Platforms Gift Hunt gift-hunt allows Stored XSS.This issue affects Gift Hunt: from n/a through <= 2.0.2. | ||||
| CVE-2025-67633 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brownbagmarketing Greenhouse Job Board greenhouse-job-board allows DOM-Based XSS.This issue affects Greenhouse Job Board: from n/a through <= 2.7.3. | ||||
| CVE-2025-68566 | 2 Wordpress, Wphocus | 2 Wordpress, My Auctions Allegro | 2026-04-24 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Stored XSS.This issue affects My auctions allegro: from n/a through <= 3.6.35. | ||||
| CVE-2025-68574 | 2 Voidcoders, Wordpress | 2 Wpbakery Visual Composer Whmcs Elements, Wordpress | 2026-04-24 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through <= 1.0.4.3. | ||||
| CVE-2025-68597 | 2 Blueglass, Wordpress | 2 Jobs For Wordpress, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through <= 2.8.1. | ||||
| CVE-2025-68598 | 2 Livecomposer, Wordpress | 2 Page Builder: Live Composer, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiveComposer Page Builder: Live Composer live-composer-page-builder allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through <= 2.1.13. | ||||
| CVE-2025-68599 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Embeds For YouTube Plugin Support YouTube Embed youtube-embed allows Stored XSS.This issue affects YouTube Embed: from n/a through <= 5.4. | ||||
| CVE-2025-68605 | 2 Pickplugins, Wordpress | 2 Post Grid, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.23. | ||||
| CVE-2025-68977 | 2 Designthemes, Wordpress | 2 Portfolio Addon, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes DesignThemes Portfolio Addon designthemes-portfolio-addon allows DOM-Based XSS.This issue affects DesignThemes Portfolio Addon: from n/a through <= 1.5. | ||||
| CVE-2025-68978 | 2 Designthemes, Wordpress | 2 Core, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes DesignThemes Core designthemes-core allows DOM-Based XSS.This issue affects DesignThemes Core: from n/a through <= 1.6. | ||||
| CVE-2025-68991 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xenioushk BWL Pro Voting Manager bwl-pro-voting-manager allows DOM-Based XSS.This issue affects BWL Pro Voting Manager: from n/a through <= 1.4.9. | ||||
| CVE-2025-69017 | 2 Magnigenie, Wordpress | 2 Restropress, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magnigenie RestroPress restropress allows Stored XSS.This issue affects RestroPress: from n/a through <= 3.2.8.6. | ||||
| CVE-2025-69335 | 2 Themepoints, Wordpress | 2 Team Showcase, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Team Showcase team-showcase allows Stored XSS.This issue affects Team Showcase: from n/a through <= 2.9. | ||||
| CVE-2025-69350 | 2 Themepoints, Wordpress | 2 Accordion, Wordpress | 2026-04-24 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Accordion accordions-wp allows Stored XSS.This issue affects Accordion: from n/a through <= 3.0.3. | ||||
| CVE-2025-69362 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH UiChemy uichemy allows Stored XSS.This issue affects UiChemy: from n/a through <= 4.4.2. | ||||