Search

Expected end of text, found '.' (at char 58), (line:1, col:59)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341827 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-23897 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ivobrett Apply with LinkedIn buttons apply-with-linkedin-buttons allows DOM-Based XSS.This issue affects Apply with LinkedIn buttons: from n/a through <= 2.3.
CVE-2025-23896 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thom4 Mindmeister Shortcode mindmeister-shortcode allows DOM-Based XSS.This issue affects Mindmeister Shortcode: from n/a through <= 1.0.
CVE-2025-23895 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Dan Cameron Add RSS add-rss allows Stored XSS.This issue affects Add RSS: from n/a through <= 1.5.
CVE-2025-23894 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tatsuya wp-flickr-press wp-flickr-press allows Reflected XSS.This issue affects wp-flickr-press: from n/a through <= 2.6.4.
CVE-2025-23893 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Manny Costales GMap Shortcode gmap-shortcode allows DOM-Based XSS.This issue affects GMap Shortcode: from n/a through <= 2.0.
CVE-2025-23892 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Furr Progress Tracker progress-tracker allows DOM-Based XSS.This issue affects Progress Tracker: from n/a through <= 0.9.3.
CVE-2025-23891 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vincent Loy Yet Another Countdown yacp allows DOM-Based XSS.This issue affects Yet Another Countdown: from n/a through <= 1.0.1.
CVE-2025-23890 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tom Ewer Easy Tweet Embed easy-tweet-embed allows DOM-Based XSS.This issue affects Easy Tweet Embed: from n/a through <= 1.7.
CVE-2025-23889 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tormorten FooGallery Captions foogallery-captions allows Reflected XSS.This issue affects FooGallery Captions: from n/a through <= 1.0.2.
CVE-2025-23888 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GrandSlambert Custom Page Extensions custom-page-extensions allows Reflected XSS.This issue affects Custom Page Extensions: from n/a through <= 0.6.
CVE-2025-23887 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scottwallick Blog Summary blog-summary allows Stored XSS.This issue affects Blog Summary: from n/a through <= 0.1.2 β.
CVE-2025-23886 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Roberts Annie annie allows Stored XSS.This issue affects Annie: from n/a through <= 2.1.1.
CVE-2025-23885 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anildhiman MJ Contact us mj-contact-us allows Reflected XSS.This issue affects MJ Contact us: from n/a through <= 5.2.3.
CVE-2025-23884 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Chris Roberts Annie annie allows Cross Site Request Forgery.This issue affects Annie: from n/a through <= 2.1.1.
CVE-2025-23883 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in unalignedcoder Stray Random Quotes stray-quotes allows Reflected XSS.This issue affects Stray Random Quotes: from n/a through <= 1.9.9.
CVE-2025-23882 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in misanthrop WP Download Codes wp-download-codes allows Reflected XSS.This issue affects WP Download Codes: from n/a through <= 2.5.4.
CVE-2025-23881 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in littlejon LJ Custom Menu Links lj-custom-menu-links allows Reflected XSS.This issue affects LJ Custom Menu Links: from n/a through <= 2.5.
CVE-2025-23880 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in anmari amr personalise amr-personalise allows Cross Site Request Forgery.This issue affects amr personalise: from n/a through <= 2.10.
CVE-2025-23879 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PillarDev Easy Automatic Newsletter Lite easy-automatic-newsletter allows Reflected XSS.This issue affects Easy Automatic Newsletter Lite: from n/a through <= 3.2.0.
CVE-2025-23878 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Reilly Post-to-Post Links easy-post-to-post-links allows Stored XSS.This issue affects Post-to-Post Links: from n/a through <= 4.2.