Search

Expected end of text, found '.' (at char 48), (line:1, col:49)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341807 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-32274 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Cross Site Request Forgery.This issue affects WP w3all phpBB: from n/a through <= 2.9.8.
CVE-2025-32273 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in freetobook Freetobook Responsive Widget freetobook-responsive-widget allows Cross Site Request Forgery.This issue affects Freetobook Responsive Widget: from n/a through <= 1.1.
CVE-2025-32272 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Wishlist wishlist allows Cross Site Request Forgery.This issue affects Wishlist: from n/a through <= 1.0.46.
CVE-2025-32271 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in ablancodev Woocommerce Role Pricing woocommerce-role-pricing allows Cross Site Request Forgery.This issue affects Woocommerce Role Pricing: from n/a through <= 3.5.6.
CVE-2025-32270 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Broadstreet Broadstreet Ads broadstreet allows Cross Site Request Forgery.This issue affects Broadstreet Ads: from n/a through <= 1.52.1.
CVE-2025-32269 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-zendesk allows Cross Site Request Forgery.This issue affects WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through <= 1.1.3.
CVE-2025-32268 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in www.15.to QR Code Tag for WC qr-code-tag-for-wc-from-goaskle-com allows Cross Site Request Forgery.This issue affects QR Code Tag for WC: from n/a through <= 1.9.42.
CVE-2025-32267 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in wpzinc Post to Social Media – WordPress to Hootsuite wp-to-hootsuite allows Cross Site Request Forgery.This issue affects Post to Social Media – WordPress to Hootsuite: from n/a through <= 1.5.8.
CVE-2025-32266 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in wp-buy 404 Image Redirection (Replace Broken Images) broken-images-redirection allows Cross Site Request Forgery.This issue affects 404 Image Redirection (Replace Broken Images): from n/a through <= 1.4.
CVE-2025-32265 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP jobwp allows Cross Site Request Forgery.This issue affects JobWP: from n/a through <= 2.3.9.
CVE-2025-32264 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows Cross Site Request Forgery.This issue affects UltraAddons Elementor Lite: from n/a through <= 2.0.2.
CVE-2025-32263 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in BeRocket Sequential Order Numbers for WooCommerce sequential-order-numbers-for-woocommerce allows Cross Site Request Forgery.This issue affects Sequential Order Numbers for WooCommerce: from n/a through <= 3.6.2.
CVE-2025-32262 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Robert D Payne RDP Wiki Embed rdp-wiki-embed allows Cross Site Request Forgery.This issue affects RDP Wiki Embed: from n/a through <= 1.2.20.
CVE-2025-32261 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Kuppuraj Advanced All in One Admin Search by WP Spotlight wp-spotlight-search allows Cross Site Request Forgery.This issue affects Advanced All in One Admin Search by WP Spotlight: from n/a through <= 1.1.1.
CVE-2025-32260 2026-04-01 N/A
Missing Authorization vulnerability in Detheme DethemeKit For Elementor dethemekit-for-elementor.This issue affects DethemeKit For Elementor: from n/a through <= 2.1.10.
CVE-2025-32259 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Alimir WP ULike wp-ulike.This issue affects WP ULike: from n/a through <= 4.7.9.1.
CVE-2025-32258 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in InfoGiants Simple Website Logo simple-website-logo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Website Logo: from n/a through <= 1.1.
CVE-2025-32257 2026-04-01 N/A
Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration 1-click-migration allows Retrieve Embedded Sensitive Data.This issue affects 1 Click WordPress Migration: from n/a through <= 2.5.7.
CVE-2025-32256 2026-04-01 N/A
Missing Authorization vulnerability in devsoftbaltic SurveyJS surveyjs allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SurveyJS: from n/a through <= 1.12.20.
CVE-2025-32255 2 Era404, Wordpress 2 Stafflist, Wordpress 2026-04-01 N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ERA404 StaffList stafflist allows Retrieve Embedded Sensitive Data.This issue affects StaffList: from n/a through <= 3.2.7.