Search

Expected end of text, found '/' (at char 45), (line:1, col:46)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341694 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-31818 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ContentBot.ai ContentBot AI Writer content-bot allows Stored XSS.This issue affects ContentBot AI Writer: from n/a through <= 1.2.4.
CVE-2025-31817 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWheels BlockWheels blockwheels allows DOM-Based XSS.This issue affects BlockWheels: from n/a through <= 1.0.2.
CVE-2025-31816 2026-04-01 N/A
Missing Authorization vulnerability in pietro Mobile App Canvas mobile-app allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobile App Canvas: from n/a through <= 3.8.2.
CVE-2025-31815 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devscred Design Blocks exclusive-blocks allows Stored XSS.This issue affects Design Blocks: from n/a through <= 1.2.5.
CVE-2025-31814 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in OwnerRez OwnerRez API ownerrez allows Cross Site Request Forgery.This issue affects OwnerRez API: from n/a through <= 1.2.0.
CVE-2025-31813 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Website366.com WPSHARE247 Elementor Addons wpshare247-elementor-addons allows Stored XSS.This issue affects WPSHARE247 Elementor Addons: from n/a through <= 2.5.
CVE-2025-31812 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas BuddyPress Members Only buddypress-members-only allows Stored XSS.This issue affects BuddyPress Members Only: from n/a through <= 3.5.3.
CVE-2025-31811 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtreeme Planyo online reservation system planyo-online-reservation-system allows Stored XSS.This issue affects Planyo online reservation system: from n/a through <= 3.1.
CVE-2025-31810 2026-04-01 N/A
Missing Authorization vulnerability in PickPlugins Question Answer question-answer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Question Answer: from n/a through <= 1.2.73.
CVE-2025-31809 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Labinator Labinator Content Types Duplicator labinator-content-types-duplicator allows Cross Site Request Forgery.This issue affects Labinator Content Types Duplicator: from n/a through <= 1.1.3.
CVE-2025-31808 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in IT Path Solutions SCSS WP Editor scss-wp-editor allows Cross Site Request Forgery.This issue affects SCSS WP Editor: from n/a through <= 1.2.1.
CVE-2025-31807 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in CloudRedux Product Notices for WooCommerce product-notices-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Notices for WooCommerce: from n/a through <= 1.3.4.
CVE-2025-31806 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uSystems Webling webling allows Stored XSS.This issue affects Webling: from n/a through <= 3.9.0.
CVE-2025-31805 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal Gutena Kit – Gutenberg Blocks and Templates gutena-kit allows Stored XSS.This issue affects Gutena Kit – Gutenberg Blocks and Templates: from n/a through <= 2.0.7.
CVE-2025-31804 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DraftPress Team Follow Us Badges wpsite-follow-us-badges allows Stored XSS.This issue affects Follow Us Badges: from n/a through <= 3.1.11.
CVE-2025-31803 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Neteuro Turisbook Booking System turisbook-booking-system allows Stored XSS.This issue affects Turisbook Booking System: from n/a through <= 1.3.8.
CVE-2025-31802 2026-04-01 N/A
Missing Authorization vulnerability in Shiptimize Shiptimize for WooCommerce shiptimize-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shiptimize for WooCommerce: from n/a through <= 3.1.86.
CVE-2025-31801 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maksym Marko MX Time Zone Clocks mx-time-zone-clocks allows Reflected XSS.This issue affects MX Time Zone Clocks: from n/a through <= 5.1.1.
CVE-2025-31800 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in publitio Publitio publitio allows Path Traversal.This issue affects Publitio: from n/a through <= 2.2.0.
CVE-2025-31799 2026-04-01 N/A
Missing Authorization vulnerability in publitio Publitio publitio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Publitio: from n/a through <= 2.1.8.