Search

Expected end of text, found '.' (at char 30), (line:1, col:31)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341807 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-57978 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in themespride Advanced Appointment Booking &amp; Scheduling advanced-appointment-booking-scheduling allows Cross Site Request Forgery.This issue affects Advanced Appointment Booking &amp; Scheduling: from n/a through <= 2.1.
CVE-2025-57977 3 Woocommerce, Wordpress, Wpdesk 3 Woocommerce, Wordpress, Flexible Pdf Invoices 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible PDF Invoices for WooCommerce &amp; WordPress flexible-invoices allows Cross Site Request Forgery.This issue affects Flexible PDF Invoices for WooCommerce &amp; WordPress: from n/a through <= 6.0.13.
CVE-2025-57976 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in CardCom CardCom Payment Gateway woo-cardcom-payment-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CardCom Payment Gateway: from n/a through <= 3.5.0.7.
CVE-2025-57975 2 Radiustheme, Wordpress 2 Team, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.6.
CVE-2025-57974 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tuyennv TZ PlusGallery tz-plus-gallery allows Stored XSS.This issue affects TZ PlusGallery: from n/a through <= 1.5.5.
CVE-2025-57973 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chad Butler WP-Members wp-members allows Stored XSS.This issue affects WP-Members: from n/a through <= 3.5.4.2.
CVE-2025-57972 3 Woocommerce, Wordpress, Wpfactory 3 Woocommerce, Wordpress, Helpdesk Support Ticket System 2026-04-01 N/A
Missing Authorization vulnerability in WPFactory Helpdesk Support Ticket System for WooCommerce support-ticket-system-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Helpdesk Support Ticket System for WooCommerce: from n/a through <= 2.1.1.
CVE-2025-57971 2 Salesmanago, Wordpress 2 Salesmanago, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in SALESmanago SALESmanago & Leadoo salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago & Leadoo: from n/a through <= 3.8.1.
CVE-2025-57970 2 Salesmanago, Wordpress 2 Salesmanago, Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in SALESmanago SALESmanago & Leadoo salesmanago allows Cross Site Request Forgery.This issue affects SALESmanago & Leadoo: from n/a through <= 3.8.1.
CVE-2025-57969 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Jeremy Saxey Hide WP Toolbar hide-wp-toolbar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hide WP Toolbar: from n/a through <= 2.7.
CVE-2025-57968 2 E4jconnect, Wordpress 2 Vikrestaurants Table Reservations And Take-away, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikRestaurants vikrestaurants allows Reflected XSS.This issue affects VikRestaurants: from n/a through <= 1.5.
CVE-2025-57967 3 Woocommerce, Wordpress, Wpbean 3 Woocommerce, Wordpress, Wpb Quick View 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBean WPB Quick View for WooCommerce woocommerce-lightbox allows Stored XSS.This issue affects WPB Quick View for WooCommerce: from n/a through <= 2.1.8.
CVE-2025-57966 2 Ghozylab, Wordpress 2 Gallery Lightbox, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Gallery Lightbox gallery-lightbox-slider allows Stored XSS.This issue affects Gallery Lightbox: from n/a through <= 1.0.0.41.
CVE-2025-57964 2 Photonicgnostic, Wordpress 2 Library Bookshelves, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in photonicgnostic Library Bookshelves library-bookshelves allows Stored XSS.This issue affects Library Bookshelves: from n/a through <= 5.11.
CVE-2025-57963 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoho Subscriptions Zoho Billing zoho-subscriptions allows DOM-Based XSS.This issue affects Zoho Billing: from n/a through <= 4.1.
CVE-2025-57962 2 E4jconnect, Wordpress 2 Vikrestaurants Table Reservations And Take-away, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikRestaurants vikrestaurants allows Stored XSS.This issue affects VikRestaurants: from n/a through <= 1.5.1.
CVE-2025-57961 2 Codexpert, Wordpress 2 Codesigner, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Codexpert, Inc CoDesigner woolementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoDesigner: from n/a through <= 4.29.
CVE-2025-57960 2 Travelmap, Wordpress 2 Travelmap, Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in TravelMap Travel Map travelmap-blog allows Cross Site Request Forgery.This issue affects Travel Map: from n/a through <= 1.0.3.
CVE-2025-57959 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tmatsuur Slightly troublesome permalink slightly-troublesome-permalink allows Stored XSS.This issue affects Slightly troublesome permalink: from n/a through <= 1.2.0.
CVE-2025-57958 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in WPXPO WowAddons product-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowAddons: from n/a through <= 1.6.3.