CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45568 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-53320	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wp Enhanced Free Downloads EDD free-downloads-edd allows DOM-Based XSS.This issue affects Free Downloads EDD: from n/a through <= 1.0.4.
CVE-2025-53307	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Beaver Builder WordPress Assistant assistant allows Reflected XSS.This issue affects WordPress Assistant: from n/a through <= 1.5.2.
CVE-2025-53301	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Junkie Theme Junkie Team Content theme-junkie-team-content allows DOM-Based XSS.This issue affects Theme Junkie Team Content: from n/a through <= 0.1.1.
CVE-2025-53300	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in douglaskarr Podcast Feed Player Widget and Shortcode podcast-feed-player-widget allows Stored XSS.This issue affects Podcast Feed Player Widget and Shortcode: from n/a through <= 2.2.0.
CVE-2025-53296	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ecoal95 EC Stars Rating ec-stars-rating allows Stored XSS.This issue affects EC Stars Rating: from n/a through <= 1.0.11.
CVE-2025-53294	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Smart Agenda Smart Agenda smart-agenda-prise-de-rendez-vous-en-ligne allows Stored XSS.This issue affects Smart Agenda: from n/a through <= 4.9.
CVE-2025-53292	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in samsk WP DataTable wp-datatable allows DOM-Based XSS.This issue affects WP DataTable: from n/a through <= 0.2.7.
CVE-2025-53290	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anonymized-15272943 WP Visual Sitemap wp-visual-sitemap allows Stored XSS.This issue affects WP Visual Sitemap: from n/a through <= 1.0.2.
CVE-2025-53289	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason Theme Blvd Widget Areas theme-blvd-widget-areas allows Reflected XSS.This issue affects Theme Blvd Widget Areas: from n/a through <= 1.3.0.
CVE-2025-53287	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Cummings Quick Favicon quick-favicon allows Stored XSS.This issue affects Quick Favicon: from n/a through <= 0.22.8.
CVE-2025-53286	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jhainey Milevis Dropify wc-dropi-integration allows Reflected XSS.This issue affects Dropify: from n/a through <= 4.7.2.
CVE-2025-53285			2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Website Flip Add & Replace Affiliate Links for Amazon add-replace-affiliate-links-for-amazon allows Stored XSS.This issue affects Add & Replace Affiliate Links for Amazon: from n/a through <= 1.0.6.
CVE-2025-53282	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com Thumbnail Editor thumbnail-editor allows Stored XSS.This issue affects Thumbnail Editor: from n/a through <= 2.3.3.
CVE-2025-53280	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AntoineH Football Pool football-pool allows Stored XSS.This issue affects Football Pool: from n/a through <= 2.12.5.
CVE-2025-53279	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows DOM-Based XSS.This issue affects Popup addon for Ninja Forms: from n/a through <= 3.4.
CVE-2025-53278	2 Wordpress, Wpeka	2 Wordpress, Wp Adcenter	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPeka WP AdCenter wpadcenter allows Stored XSS.This issue affects WP AdCenter: from n/a through <= 2.6.0.
CVE-2025-53276	2 Omnipressteam, Wordpress	2 Omnipress, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows DOM-Based XSS.This issue affects Omnipress: from n/a through <= 1.6.4.
CVE-2025-53275	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VaultDweller Leyka leyka allows DOM-Based XSS.This issue affects Leyka: from n/a through <= 3.32.1.
CVE-2025-53253	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh WP Edit wp-edit allows Stored XSS.This issue affects WP Edit: from n/a through <= 4.0.4.
CVE-2025-53245	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through <= 1.2.

« first previous Page 29 of 2279. next last »