Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11479 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-23638 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Umesh Ghimire Frontend Post Submission frontend-post-submission allows Reflected XSS.This issue affects Frontend Post Submission: from n/a through <= 1.0.
CVE-2025-23636 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dimitar A. My Favorite Car my-favorite-cars allows Reflected XSS.This issue affects My Favorite Car: from n/a through <= 1.0.
CVE-2025-23635 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mobde3net ePermissions epermissions allows Reflected XSS.This issue affects ePermissions: from n/a through <= 1.2.
CVE-2025-23634 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codehandling Youtube Video Grid youmax-channel-embeds-for-youtube-businesses allows Reflected XSS.This issue affects Youtube Video Grid: from n/a through <= 1.9.
CVE-2025-23633 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in khanhtruong WP Database Audit database-audit allows Reflected XSS.This issue affects WP Database Audit: from n/a through <= 1.0.
CVE-2025-23632 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rhizome Networks CG Button content-glass-button allows Reflected XSS.This issue affects CG Button: from n/a through <= 1.0.5.6.
CVE-2025-23631 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sarah Lewis Content Planner content-planner allows Reflected XSS.This issue affects Content Planner: from n/a through <= 1.0.
CVE-2025-23630 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Irshad A.Khan Cyber Slider cyber-new-slider allows Reflected XSS.This issue affects Cyber Slider: from n/a through <= 1.1.
CVE-2025-23629 2 Subhasis Laha, Wordpress 2 Gallerio, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Subhasis Laha Gallerio gallerio allows Reflected XSS.This issue affects Gallerio: from n/a through <= 1.0.1.
CVE-2025-23627 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in frenchsquared Comment-Emailer comment-emailer allows Stored XSS.This issue affects Comment-Emailer: from n/a through <= 1.0.5.
CVE-2025-23625 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awcode Unique UX unique-ux allows Reflected XSS.This issue affects Unique UX: from n/a through <= 0.9.2.
CVE-2025-23624 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alessandro Benoit WpDevTool wpdevtool allows Reflected XSS.This issue affects WpDevTool: from n/a through <= 0.1.1.
CVE-2025-23623 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahesh Bisen Contact Form 7 – CCAvenue Add-on cf7-cc-avenue-add-on allows Reflected XSS.This issue affects Contact Form 7 – CCAvenue Add-on: from n/a through <= 1.0.
CVE-2025-23622 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sabuj Kundu CBX Accounting & Bookkeeping cbxwpsimpleaccounting allows Reflected XSS.This issue affects CBX Accounting & Bookkeeping: from n/a through <= 1.3.14.
CVE-2025-23620 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in trof Captchelfie – Captcha by Selfie captchelfie-captcha-by-selfie allows Reflected XSS.This issue affects Captchelfie – Captcha by Selfie: from n/a through <= 1.0.7.
CVE-2025-23616 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steve Canalplan canalplan-ac allows Reflected XSS.This issue affects Canalplan: from n/a through <= 5.31.
CVE-2025-23615 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in gtekelis Interactive Page Hierarchy interactive-page-hierarchy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Interactive Page Hierarchy: from n/a through <= 1.0.1.
CVE-2025-23613 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in mediabeta WP Journal wpjournal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Journal: from n/a through <= 1.1.
CVE-2025-23612 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixobe Pixobe Cartography pixobe-cartography allows Reflected XSS.This issue affects Pixobe Cartography: from n/a through <= 1.0.1.
CVE-2025-23611 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webhue WH Cache & Security wh-cache-and-security allows Reflected XSS.This issue affects WH Cache & Security: from n/a through <= 1.1.2.