Search

Expected end of text, found '.' (at char 31), (line:1, col:32)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341827 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-31793 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Stored XSS.This issue affects Piotnet Forms: from n/a through <= 1.0.30.
CVE-2025-31792 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Stored XSS.This issue affects Piotnet Forms: from n/a through <= 1.0.30.
CVE-2025-31791 2026-04-01 N/A
Missing Authorization vulnerability in Oliver Boyers Pin Generator pin-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pin Generator: from n/a through <= 2.0.0.
CVE-2025-31790 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Binsaifullah Posten posten-post-blocks allows DOM-Based XSS.This issue affects Posten: from n/a through <= 0.0.1.
CVE-2025-31789 2026-04-01 N/A
Missing Authorization vulnerability in Matat Technologies TextMe SMS textme-sms-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TextMe SMS: from n/a through <= 1.9.1.
CVE-2025-31788 2026-04-01 N/A
Insertion of Sensitive Information into Log File vulnerability in Smackcoders Inc., AIO Performance Profiler, Monitor, Optimize, Compress & Debug all-in-one-performance-accelerator allows Retrieve Embedded Sensitive Data.This issue affects AIO Performance Profiler, Monitor, Optimize, Compress & Debug: from n/a through <= 1.3.
CVE-2025-31787 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in AudioTheme Cue cue allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cue: from n/a through <= 2.4.4.
CVE-2025-31786 2026-04-01 N/A
Missing Authorization vulnerability in Travis Simple Icons simple-icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Icons: from n/a through <= 2.8.4.
CVE-2025-31785 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Clearbit Clearbit Reveal clearbit allows Cross Site Request Forgery.This issue affects Clearbit Reveal: from n/a through <= 1.0.6.
CVE-2025-31784 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Rudy Susanto Embed Extended embed-extended allows Cross Site Request Forgery.This issue affects Embed Extended: from n/a through <= 1.4.0.
CVE-2025-31783 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leartes.NET Leartes TRY Exchange Rates leartes-try-exchange-rates allows Stored XSS.This issue affects Leartes TRY Exchange Rates: from n/a through <= 2.1.
CVE-2025-31782 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in pupunzi mb.YTPlayer wpmbytplayer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects mb.YTPlayer: from n/a through <= 3.3.8.
CVE-2025-31781 2026-04-01 N/A
Missing Authorization vulnerability in ahmadshyk Gift Cards for WooCommerce woo-giftcards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gift Cards for WooCommerce: from n/a through <= 1.5.8.
CVE-2025-31780 2026-04-01 N/A
Missing Authorization vulnerability in Andy Stratton Append Content append-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Append Content: from n/a through <= 2.1.1.
CVE-2025-31779 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Jonathan Daggerhart Query Wrangler query-wrangler allows Cross Site Request Forgery.This issue affects Query Wrangler: from n/a through <= 1.5.54.
CVE-2025-31778 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in raphaelheide Donate Me donate-me allows Reflected XSS.This issue affects Donate Me: from n/a through <= 1.2.5.
CVE-2025-31777 2026-04-01 N/A
Missing Authorization vulnerability in BeastThemes Clockinator Lite clockify-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clockinator Lite: from n/a through <= 1.0.9.
CVE-2025-31776 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Aphotrax Uptime Robot Plugin for WordPress uptime-robot-monitor allows Cross Site Request Forgery.This issue affects Uptime Robot Plugin for WordPress: from n/a through <= 2.3.
CVE-2025-31775 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Smackcoders Inc., Google SEO Pressor Snippet google-seo-author-snippets allows Cross Site Request Forgery.This issue affects Google SEO Pressor Snippet: from n/a through <= 2.0.
CVE-2025-31774 2026-04-01 N/A
Missing Authorization vulnerability in WebProtect.ai Astra Security Suite getastra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Astra Security Suite: from n/a through <= 0.2.