Export limit exceeded: 23297 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 22054 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10037 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10037 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22336 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Amos Lee(一刀) Wizhi Multi Filters by Wenprise wizhi-multi-filters allows Stored XSS.This issue affects Wizhi Multi Filters by Wenprise: from n/a through <= 1.8.6. | ||||
| CVE-2025-22328 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Elevio by Dixa Elevio elevio allows Stored XSS.This issue affects Elevio: from n/a through <= 4.4.1. | ||||
| CVE-2025-22325 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in nchankov Autocompleter autocompleter allows Stored XSS.This issue affects Autocompleter: from n/a through <= 1.3.5.2. | ||||
| CVE-2025-22301 | 2026-04-23 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in zookatron MyBookTable Bookstore mybooktable allows Cross Site Request Forgery.This issue affects MyBookTable Bookstore: from n/a through <= 3.5.3. | ||||
| CVE-2025-22300 | 2026-04-23 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager pixelyoursite allows Cross Site Request Forgery.This issue affects PixelYourSite – Your smart PIXEL (TAG) Manager: from n/a through <= 10.0.1.2. | ||||
| CVE-2025-22297 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in aipost AI WP Writer ai-wp-writer allows Cross Site Request Forgery.This issue affects AI WP Writer: from n/a through <= 3.8.4.4. | ||||
| CVE-2025-15635 | 2 Wordpress, Zaytech | 2 Wordpress, Smart Online Order For Clover | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Cross Site Request Forgery.This issue affects Smart Online Order for Clover: from n/a through <= 1.6.0. | ||||
| CVE-2024-56251 | 2026-04-23 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Cross Site Request Forgery.This issue affects Event Espresso 4 Decaf: from n/a through <= 5.0.28.decaf. | ||||
| CVE-2024-56232 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Alex Volkov WP Nice Loader wp-nice-loader allows Stored XSS.This issue affects WP Nice Loader: from n/a through <= 0.1.0.4. | ||||
| CVE-2024-56229 | 1 Searchiq | 1 Searchiq | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in SearchIQ SearchIQ searchiq.This issue affects SearchIQ: from n/a through <= 4.6. | ||||
| CVE-2024-56222 | 1 Codebard | 1 Codebard Help Desk | 2026-04-23 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in CodeBard CodeBard Help Desk codebard-help-desk allows Cross Site Request Forgery.This issue affects CodeBard Help Desk: from n/a through <= 1.1.1. | ||||
| CVE-2024-56218 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in sevenspark Contact Form 7 – Dynamic Text Extension contact-form-7-dynamic-text-extension allows Cross Site Request Forgery.This issue affects Contact Form 7 – Dynamic Text Extension: from n/a through <= 5.0.1. | ||||
| CVE-2024-56214 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.3 High |
| Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro userpro allows Path Traversal.This issue affects Userpro: from n/a through <= 5.1.9. | ||||
| CVE-2024-56213 | 2 Themewinter, Wordpress | 2 Eventin, Wordpress | 2026-04-23 | 6.5 Medium |
| Path Traversal: '.../...//' vulnerability in Arraytics Eventin wp-event-solution allows Path Traversal.This issue affects Eventin: from n/a through <= 4.0.7. | ||||
| CVE-2024-56207 | 2026-04-23 | 8.8 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in EditionGuard EditionGuard for WooCommerce – eBook Sales with DRM editionguard-for-woocommerce-ebook-sales-with-drm allows Privilege Escalation.This issue affects EditionGuard for WooCommerce – eBook Sales with DRM: from n/a through <= 3.4.2. | ||||
| CVE-2024-56206 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in krishankakkar gap-hub-user-role gap-hub-user-role allows Authentication Bypass.This issue affects gap-hub-user-role: from n/a through <= 3.4.1. | ||||
| CVE-2024-56204 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in yonisink Sinking Dropdowns sinking-dropdowns allows Privilege Escalation.This issue affects Sinking Dropdowns: from n/a through <= 1.25. | ||||
| CVE-2024-56203 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in gholme4 Wayne Audio Player wayne-audio-player allows Privilege Escalation.This issue affects Wayne Audio Player: from n/a through <= 1.0. | ||||
| CVE-2024-56055 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-23 | 8.5 High |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | ||||
| CVE-2024-56049 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-23 | 8.5 High |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | ||||