Total
38053 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-49410 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Imran Emu TC Testimonials allows Stored XSS. This issue affects TC Testimonials: from n/a through 1.1.1. | ||||
| CVE-2025-54056 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist allows Reflected XSS. This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through 3.5.8. | ||||
| CVE-2025-48154 | 2 Lambertgroup, Wordpress | 2 Multimedia Playlist Slider Addon For Wpbakery Page Builder, Wordpress | 2025-08-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Multimedia Playlist Slider Addon for WPBakery Page Builder allows Reflected XSS. This issue affects Multimedia Playlist Slider Addon for WPBakery Page Builder: from n/a through 2.1. | ||||
| CVE-2025-49893 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in liseperu Elizaibots allows Stored XSS. This issue affects Elizaibots: from n/a through 1.0.2. | ||||
| CVE-2025-54044 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in _CreativeMedia_ Elite Video Player allows Reflected XSS. This issue affects Elite Video Player: from n/a through 10.0.5. | ||||
| CVE-2025-54027 | 2 Schiocco, Wordpress | 2 Support Board, Wordpress | 2025-08-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board allows Reflected XSS. This issue affects Support Board: from n/a through 3.8.0. | ||||
| CVE-2025-49413 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wishloop Terms of Service & Privacy Policy Generator allows Stored XSS. This issue affects Terms of Service & Privacy Policy Generator: from n/a through 1.0. | ||||
| CVE-2025-49422 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aelora iframe Wrapper allows DOM-Based XSS. This issue affects iframe Wrapper: from n/a through 0.1.1. | ||||
| CVE-2025-49889 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in imaprogrammer Custom Comment allows Stored XSS. This issue affects Custom Comment: from n/a through 2.1.6. | ||||
| CVE-2025-48296 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup UpStore allows Reflected XSS. This issue affects UpStore: from n/a through 1.7.0. | ||||
| CVE-2025-49389 | 2 Wensolutions, Wordpress | 2 Notice Bar, Wordpress | 2025-08-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WEN Solutions Notice Bar allows Stored XSS. This issue affects Notice Bar: from n/a through 3.1.3. | ||||
| CVE-2025-53195 | 2 Crocoblock, Wordpress | 2 Jetengine, Wordpress | 2025-08-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine allows Stored XSS. This issue affects JetEngine: from n/a through 3.7.0. | ||||
| CVE-2025-49409 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brewlabs SensorPress allows Stored XSS. This issue affects SensorPress: from n/a through 1.0. | ||||
| CVE-2025-48152 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dimafreund Rentsyst allows Reflected XSS. This issue affects Rentsyst: from n/a through 2.0.100. | ||||
| CVE-2025-49420 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre-Henri Lavigne Markup Markdown allows Stored XSS. This issue affects Markup Markdown: from n/a through 3.20.6. | ||||
| CVE-2025-49892 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in badasswp Pending Order Bot allows Stored XSS. This issue affects Pending Order Bot: from n/a through 1.0.2. | ||||
| CVE-2025-49392 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Audio Dock allows Stored XSS. This issue affects Themify Audio Dock: from n/a through 2.0.5. | ||||
| CVE-2025-49891 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in riotweb Contact Info Widget allows Stored XSS. This issue affects Contact Info Widget: from n/a through 2.6.2. | ||||
| CVE-2025-28977 | 2 Thimpress, Wordpress | 2 Wp Pipes, Wordpress | 2025-08-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress WP Pipes allows Reflected XSS. This issue affects WP Pipes: from n/a through 1.4.3. | ||||
| CVE-2025-49397 | 1 Wordpress | 1 Wordpress | 2025-08-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Colorbox Lightbox allows Stored XSS. This issue affects Colorbox Lightbox: from n/a through 1.1.5. | ||||