Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (43372 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-62042 1 Wordpress 1 Wordpress 2026-01-20 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post.This issue affects Event post: from n/a through <= 5.10.3.
CVE-2025-62041 3 Codexthemes, Elementor, Wordpress 3 Thegem, Elementor, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem (Elementor) thegem-elementor.This issue affects TheGem (Elementor): from n/a through <= 5.10.5.1.
CVE-2025-62040 2 Wordpress, Yop-poll 3 Wordpress, Yop-poll, Yop Poll 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through <= 6.5.37.
CVE-2025-62036 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
CVE-2025-62032 2 Tagdiv, Wordpress 2 Cloud Library, Wordpress 2026-01-20 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through < 3.9.2.
CVE-2025-62031 2 Tagdiv, Wordpress 2 Composer, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Composer td-composer.This issue affects tagDiv Composer: from n/a through <= 5.4.1.
CVE-2025-62030 2 Tagdiv, Wordpress 2 Composer, Wordpress 2026-01-20 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Composer td-composer.This issue affects tagDiv Composer: from n/a through <= 5.4.1.
CVE-2025-62024 2 Jonathanjernigan, Wordpress 2 Pie Calendar, Wordpress 2026-01-20 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonathan Jernigan Pie Calendar pie-calendar.This issue affects Pie Calendar: from n/a through <= 1.2.9.
CVE-2025-62020 2 Infomaniak, Wordpress 2 Vod Infomaniak, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infomaniak Network VOD Infomaniak vod-infomaniak.This issue affects VOD Infomaniak: from n/a through <= 1.5.11.
CVE-2025-62012 3 Codexthemes, Elementor, Wordpress 3 Thegem, Elementor, Wordpress 2026-01-20 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem (Elementor) thegem-elementor.This issue affects TheGem (Elementor): from n/a through <= 5.10.5.
CVE-2025-62011 2 Codexthemes, Wordpress 2 Thegem, Wordpress 2026-01-20 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem thegem.This issue affects TheGem: from n/a through <= 5.10.5.
CVE-2025-60246 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weissmike Simple Finance Calculator simple-finance-calculator allows Reflected XSS.This issue affects Simple Finance Calculator: from n/a through <= 1.0.
CVE-2025-60182 2 Schiocco, Wordpress 2 Support Board, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through < 3.8.7.
CVE-2025-60176 1 Wordpress 1 Wordpress 2026-01-20 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tattersoftware WP Tesseract wp-tesseract allows Stored XSS.This issue affects WP Tesseract: from n/a through <= 1.0.2.
CVE-2025-60135 1 Wordpress 1 Wordpress 2026-01-20 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NIKITAS GEORGOPOULOS WeShare Buttons e-mailit allows Stored XSS.This issue affects WeShare Buttons: from n/a through <= 13.0.0.
CVE-2025-60131 1 Wordpress 1 Wordpress 2026-01-20 5.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoefff Werk aan de Muur werk-aan-de-muur allows Stored XSS.This issue affects Werk aan de Muur: from n/a through <= 1.5.
CVE-2025-59571 2 Purethemes, Wordpress 2 Workscout Core, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through < 1.7.06.
CVE-2025-59556 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup GoStore gostore allows Reflected XSS.This issue affects GoStore: from n/a through < 1.6.4.
CVE-2025-59135 1 Wordpress 1 Wordpress 2026-01-20 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eLEOPARD Behance Portfolio Manager allows Stored XSS.This issue affects Behance Portfolio Manager: from n/a through 1.7.5.
CVE-2025-59006 3 Themebon, Woocommerce, Wordpress 3 Easy Woocommerce Customizer, Woocommerce, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themebon Easy Woocommerce Customizer easy-woocommerce-customizer allows Reflected XSS.This issue affects Easy Woocommerce Customizer: from n/a through <= 1.0.2.