Web Security.cloud CVEs and Security Vulnerabilities

Search

Expected end of text, found '.' (at char 40), (line:1, col:41)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341845 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-23869	1 Wordpress	1 Wordpress	2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in shibulijack CJ Custom Content cj-custom-content allows Stored XSS.This issue affects CJ Custom Content: from n/a through <= 2.0.
CVE-2025-23868			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mliebelt Chess Tempo Viewer chesstempoviewer allows Stored XSS.This issue affects Chess Tempo Viewer: from n/a through <= 0.9.5.
CVE-2025-23867			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in markcoker WordPress File Search wpfilesearch allows Reflected XSS.This issue affects WordPress File Search: from n/a through <= 1.2.
CVE-2025-23866			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in E. Marten EU DSGVO Helper dsgvo allows Reflected XSS.This issue affects EU DSGVO Helper: from n/a through <= 1.0.6.1.
CVE-2025-23865	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pressfore Winning Portfolio winning-portfolio allows Stored XSS.This issue affects Winning Portfolio: from n/a through <= 1.1.
CVE-2025-23864			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Luke America WCS QR Code Generator wcs-qr-code-generator allows Stored XSS.This issue affects WCS QR Code Generator: from n/a through <= 1.0.
CVE-2025-23863	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sabaoh Rollover Tab rollover-tab allows Stored XSS.This issue affects Rollover Tab: from n/a through <= 1.3.2.
CVE-2025-23862			2026-04-01	N/A
Missing Authorization vulnerability in SzMake Contact Form 7 Anti Spambot contact-form-7-anti-spambot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 Anti Spambot: from n/a through <= 1.0.1.
CVE-2025-23861			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in Zack Katz Debt Calculator debt-calculator allows Cross Site Request Forgery.This issue affects Debt Calculator: from n/a through <= 1.0.1.
CVE-2025-23860	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in crea8xion Charity-thermometer charitydonation-thermometer allows Stored XSS.This issue affects Charity-thermometer: from n/a through <= 1.1.2.
CVE-2025-23859	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jd7777 Daily Proverb daily-proverb allows Stored XSS.This issue affects Daily Proverb: from n/a through <= 2.0.3.
CVE-2025-23858	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hiren Patel Custom Users Order custom-users-order allows Reflected XSS.This issue affects Custom Users Order: from n/a through <= 4.2.
CVE-2025-23857	1 Smartdatasoft	1 Essential Wp Real Estate	2026-04-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SmartDataSoft Essential WP Real Estate essential-wp-real-estate allows Reflected XSS.This issue affects Essential WP Real Estate: from n/a through <= 1.1.3.
CVE-2025-23856	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Odyno Simple Vertical Timeline simple-vertical-timeline allows DOM-Based XSS.This issue affects Simple Vertical Timeline: from n/a through <= 0.1.
CVE-2025-23855	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyljp SpiderDisplay spiderdisplay allows Reflected XSS.This issue affects SpiderDisplay: from n/a through <= 1.9.1.
CVE-2025-23854			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yesstreamingdev Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com shoutcast-and-icecast-html5-web-radio-player-by-yesstreaming-com allows Stored XSS.This issue affects Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com: from n/a through <= 3.3.
CVE-2025-23853			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in michelem NoFollow Free nofollow-free allows Reflected XSS.This issue affects NoFollow Free: from n/a through <= 1.6.3.
CVE-2025-23852	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robin90 First Comment Redirect first-comment-redirect allows Reflected XSS.This issue affects First Comment Redirect: from n/a through <= 1.0.3.
CVE-2025-23851			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Khushwant Singh Coronavirus (COVID-19) Outbreak Data Widgets coronavirus-data-widgets allows Reflected XSS.This issue affects Coronavirus (COVID-19) Outbreak Data Widgets: from n/a through <= 1.1.1.
CVE-2025-23850	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojowill Mojo Under Construction mojo-under-construction allows Reflected XSS.This issue affects Mojo Under Construction: from n/a through <= 1.1.2.

« first previous Page 247 of 17093. next last »