Search

Expected end of text, found ':' (at char 25), (line:1, col:26)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341845 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-30874 2026-04-01 N/A
Missing Authorization vulnerability in Jose Mortellaro Specific Content For Mobile specific-content-for-mobile allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Specific Content For Mobile: from n/a through <= 0.5.3.
CVE-2025-30873 1 Wpsoul 1 Greenshift 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Stored XSS.This issue affects Greenshift: from n/a through <= 11.0.2.
CVE-2025-30872 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Product Author for WooCommerce wc-product-author allows Cross Site Request Forgery.This issue affects Product Author for WooCommerce: from n/a through <= 1.0.7.
CVE-2025-30871 1 Wptravelengine 1 Wp Travel Engine 2026-04-01 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine wp-travel-engine allows PHP Local File Inclusion.This issue affects WP Travel Engine: from n/a through <= 6.3.5.
CVE-2025-30870 1 Wptravelengine 1 Wp Travel Engine 2026-04-01 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine wp-travel-engine allows PHP Local File Inclusion.This issue affects WP Travel Engine: from n/a through <= 6.3.5.
CVE-2025-30869 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Parakoos Image Wall image-wall allows Reflected XSS.This issue affects Image Wall: from n/a through <= 3.0.
CVE-2025-30868 2026-04-01 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Maidul Team Manager wp-team-manager allows PHP Local File Inclusion.This issue affects Team Manager: from n/a through <= 2.1.23.
CVE-2025-30867 1 Searchiq 1 Searchiq 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SearchIQ SearchIQ searchiq allows Stored XSS.This issue affects SearchIQ: from n/a through <= 4.7.
CVE-2025-30866 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Giannis Kipouros Terms & Conditions Per Product terms-and-conditions-per-product allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Terms & Conditions Per Product: from n/a through <= 1.2.15.
CVE-2025-30865 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid 3DPrint Lite 3dprint-lite allows Cross Site Request Forgery.This issue affects 3DPrint Lite: from n/a through <= 2.1.3.5.
CVE-2025-30864 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in falselight Exchange Rates exchange-rates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exchange Rates: from n/a through <= 1.2.2.
CVE-2025-30863 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms integration-for-contact-form-7-and-google-sheets allows Cross Site Request Forgery.This issue affects Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through <= 1.0.9.
CVE-2025-30862 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through <= 2.22.
CVE-2025-30861 2026-04-01 N/A
Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through <= 2.6.29.
CVE-2025-30860 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) off-canvas-sidebars allows DOM-Based XSS.This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through <= 0.5.8.2.
CVE-2025-30859 2026-04-01 N/A
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in guru-aliexpress AliNext ali2woo-lite allows Phishing.This issue affects AliNext: from n/a through <= 3.5.1.
CVE-2025-30858 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Snow Storm snow-storm allows Reflected XSS.This issue affects Snow Storm: from n/a through <= 1.4.6.
CVE-2025-30857 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in PressMaximum Currency Switcher for WooCommerce currency-switcher-for-woocommerce allows Stored XSS.This issue affects Currency Switcher for WooCommerce: from n/a through <= 0.0.7.
CVE-2025-30856 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager custom-field-for-wp-job-manager allows Cross Site Request Forgery.This issue affects Custom Field For WP Job Manager: from n/a through <= 1.4.
CVE-2025-30855 2026-04-01 N/A
Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ads by WPQuads: from n/a through <= 2.0.87.1.