Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11399 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-62903 2 Wordpress, Wpclever 2 Wordpress, Wpc Smart Messages For Woocommerce 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPClever WPC Smart Messages for WooCommerce wpc-smart-messages allows Stored XSS.This issue affects WPC Smart Messages for WooCommerce: from n/a through <= 4.2.8.
CVE-2025-62902 2 Themehunk, Wordpress 2 Wp Popup Builder, Wordpress 2026-04-01 7.5 High
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk WP Popup Builder wp-popup-builder allows Retrieve Embedded Sensitive Data.This issue affects WP Popup Builder: from n/a through <= 1.3.8.
CVE-2025-62897 1 Wordpress 1 Wordpress 2026-04-01 4.7 Medium
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through < 10.1.0.
CVE-2025-62895 2 Atarim, Wordpress 2 Atarim, Wordpress 2026-04-01 7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through <= 4.2.1.
CVE-2025-62889 3 Elementor, Kingaddons, Wordpress 3 Elementor, King Addons For Elementor, Wordpress 2026-04-01 8.8 High
Missing Authorization vulnerability in KingAddons.com King Addons for Elementor king-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects King Addons for Elementor: from n/a through <= 51.1.61.
CVE-2025-62887 3 Elementor, Kingaddons, Wordpress 3 Elementor, King Addons For Elementor, Wordpress 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KingAddons.com King Addons for Elementor king-addons allows DOM-Based XSS.This issue affects King Addons for Elementor: from n/a through <= 51.1.61.
CVE-2025-62886 2 Wordpress, Wpdevart 2 Wordpress, Pricing Table Builder 2026-04-01 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Pricing Table builder wpdevart-pricing-table allows Stored XSS.This issue affects Pricing Table builder: from n/a through <= 1.5.3.
CVE-2025-62885 2 Rextheme, Wordpress 2 Wp Vr, Wordpress 2026-04-01 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RexTheme WP VR wpvr allows DOM-Based XSS.This issue affects WP VR: from n/a through <= 8.5.48.
CVE-2025-62884 2 Relywp, Wordpress 2 Coupon Affiliates, Wordpress 2026-04-01 5.3 Medium
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coupon Affiliates: from n/a through <= 7.2.0.
CVE-2025-62870 3 Eupago, Woocommerce, Wordpress 3 Eupago Gateway Woocommerce, Woocommerce, Wordpress 2026-04-01 5.3 Medium
Missing Authorization vulnerability in Eupago Eupago Gateway For Woocommerce eupago-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eupago Gateway For Woocommerce: from n/a through <= 4.7.1.
CVE-2025-62867 1 Wordpress 1 Wordpress 2026-04-01 4.3 Medium
Missing Authorization vulnerability in ergonet Ergonet Cache ergonet-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ergonet Cache: from n/a through <= 1.0.13.
CVE-2025-62740 2 Mario Peshev, Wordpress 2 Wp-crm-system, Wordpress 2026-04-01 5.3 Medium
Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through <= 3.4.6.
CVE-2025-62734 1 Wordpress 1 Wordpress 2026-04-01 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in M.Code Media Library Downloader media-library-downloader allows Cross Site Request Forgery.This issue affects Media Library Downloader: from n/a through <= 1.4.0.
CVE-2025-62152 2 Conveythis, Wordpress 2 Conveythis, Wordpress 2026-04-01 8.8 High
Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through <= 269.2.
CVE-2025-62086 1 Wordpress 1 Wordpress 2026-04-01 5.4 Medium
Missing Authorization vulnerability in akazanstev Яндекс Доставка (Boxberry) boxberry allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Яндекс Доставка (Boxberry): from n/a through <= 2.34.
CVE-2025-62085 2 Bertha, Wordpress 2 Bertha Ai, Wordpress 2026-04-01 5.3 Medium
Missing Authorization vulnerability in Bertha AI &#8211; Andrew Palmer BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BERTHA AI: from n/a through <= 1.13.
CVE-2025-62082 1 Wordpress 1 Wordpress 2026-04-01 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nasir Uddin Generic Elements generic-elements-for-elementor allows Stored XSS.This issue affects Generic Elements: from n/a through <= 1.2.9.
CVE-2025-62018 2 Hogash, Wordpress 2 Kallyas, Wordpress 2026-04-01 5.3 Medium
Missing Authorization vulnerability in hogash KALLYAS kallyas.This issue affects KALLYAS: from n/a through <= 4.22.0.
CVE-2025-62017 2 Hogash, Wordpress 2 Kallyas, Wordpress 2026-04-01 5.4 Medium
Missing Authorization vulnerability in hogash KALLYAS kallyas.This issue affects KALLYAS: from n/a through <= 4.22.0.
CVE-2025-62016 2 Hogash, Wordpress 2 Kallyas, Wordpress 2026-04-01 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in hogash KALLYAS kallyas.This issue affects KALLYAS: from n/a through <= 4.22.0.