Search

Expected end of text, found ':' (at char 6), (line:1, col:7)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341843 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-58800 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Steve Truman WP Email Template wp-email-template allows Cross Site Request Forgery.This issue affects WP Email Template: from n/a through <= 2.8.5.
CVE-2025-58799 2 Themelocation, Wordpress 2 Custom Woocommerce Checkout Fields Editor, Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in themelocation Custom WooCommerce Checkout Fields Editor add-fields-to-checkout-page-woocommerce allows Cross Site Request Forgery.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through <= 1.3.4.
CVE-2025-58798 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Bjorn Manintveld BCM Duplicate Menu bcm-duplicate-menu allows Cross Site Request Forgery.This issue affects BCM Duplicate Menu: from n/a through <= 1.1.3.
CVE-2025-58797 1 Wordpress 1 Wordpress 2026-04-01 N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Mahmudul Hasan Arif Ninja Charts ninja-charts allows Retrieve Embedded Sensitive Data.This issue affects Ninja Charts: from n/a through <= 3.3.5.
CVE-2025-58796 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dudaster Elementor Element Condition ele-conditions allows Stored XSS.This issue affects Elementor Element Condition: from n/a through <= 1.0.5.
CVE-2025-58795 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Payoneer Checkout Payoneer Checkout payoneer-checkout allows Content Spoofing.This issue affects Payoneer Checkout: from n/a through <= 3.4.0.
CVE-2025-58794 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Cross Site Request Forgery.This issue affects Notification for Telegram: from n/a through <= 3.5.
CVE-2025-58793 2 Wordpress, Wpbean 2 Wordpress, Wpb Elementor Addons 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBean WPB Elementor Addons wpb-elementor-addons allows Stored XSS.This issue affects WPB Elementor Addons: from n/a through <= 1.7.
CVE-2025-58792 2 Wordpress, Wpkube 2 Wordpress, Authors List 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in WPKube Authors List authors-list allows Cross Site Request Forgery.This issue affects Authors List: from n/a through <= 2.0.6.2.
CVE-2025-58791 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arjan Olsder SEO Auto Linker wpa-seo-auto-linker allows Stored XSS.This issue affects SEO Auto Linker: from n/a through <= 1.5.3.
CVE-2025-58790 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPKube Kiwi kiwi-social-share allows Stored XSS.This issue affects Kiwi: from n/a through <= 2.1.8.
CVE-2025-58789 2026-04-01 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle WP Full Stripe Free wp-full-stripe-free allows SQL Injection.This issue affects WP Full Stripe Free: from n/a through <= 8.2.5.
CVE-2025-58788 2026-04-01 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal License Manager for WooCommerce license-manager-for-woocommerce allows Blind SQL Injection.This issue affects License Manager for WooCommerce: from n/a through <= 3.0.12.
CVE-2025-58787 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Popup themify-popup allows Stored XSS.This issue affects Themify Popup: from n/a through <= 1.4.2.
CVE-2025-58786 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VW THEMES Ibtana – Ecommerce Product Addons ibtana-ecommerce-product-addons allows DOM-Based XSS.This issue affects Ibtana – Ecommerce Product Addons: from n/a through <= 0.4.7.6.
CVE-2025-58785 2026-04-01 N/A
Missing Authorization vulnerability in Jiro Sasamoto Ray Enterprise Translation lingotek-translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ray Enterprise Translation: from n/a through <= 1.7.2.
CVE-2025-58784 2 Ari-soft, Wordpress 2 Ari Fancy Lightbox, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through <= 1.4.0.
CVE-2025-58783 2 Gutentor, Wordpress 2 Gutentor, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in gutentor Gutentor gutentor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutentor: from n/a through <= 3.5.5.
CVE-2025-58704 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ren Ventura WP Delete User Accounts wp-delete-user-accounts allows Stored XSS.This issue affects WP Delete User Accounts: from n/a through <= 1.2.4.
CVE-2025-58703 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skyword Skyword API Plugin skyword-plugin allows Stored XSS.This issue affects Skyword API Plugin: from n/a through <= 2.5.3.