Search

Expected end of text, found '.' (at char 15), (line:1, col:16)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341827 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-58989 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in silverplugins217 Dynamic Text Field For Contact Form 7 dynamic-text-field-for-contact-form-7 allows Stored XSS.This issue affects Dynamic Text Field For Contact Form 7: from n/a through <= 1.0.
CVE-2025-58988 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Dolson My Tickets my-tickets allows Stored XSS.This issue affects My Tickets: from n/a through <= 2.0.22.
CVE-2025-58987 2 Antoineh, Wordpress 2 Football Pool, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AntoineH Football Pool football-pool allows Stored XSS.This issue affects Football Pool: from n/a through <= 2.12.6.
CVE-2025-58985 3 Woocommerce, Wordpress, Wpfactory 3 Woocommerce, Wordpress, Additional Custom Product Tabs For Woocommerce 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce product-tabs-for-woocommerce allows Stored XSS.This issue affects Additional Custom Product Tabs for WooCommerce: from n/a through <= 1.7.3.
CVE-2025-58984 2 Welcart, Wordpress 2 E-commerce, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Stored XSS.This issue affects Welcart e-Commerce: from n/a through <= 2.11.20.
CVE-2025-58983 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefano Lissa Include Me include-me allows Stored XSS.This issue affects Include Me: from n/a through <= 1.3.2.
CVE-2025-58982 2 Pixeline, Wordpress 2 Email Protector, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixeline Pixeline&#039;s Email Protector pixelines-email-protector allows Stored XSS.This issue affects Pixeline&#039;s Email Protector: from n/a through <= 1.3.8.
CVE-2025-58981 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Equalize Digital Accessibility Checker by Equalize Digital accessibility-checker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Checker by Equalize Digital: from n/a through <= 1.31.0.
CVE-2025-58980 2 Myrecorp, Wordpress 2 Export Wp Page To Static Html/css, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in recorp Export WP Page to Static HTML/CSS export-wp-page-to-static-html allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Export WP Page to Static HTML/CSS: from n/a through <= 4.1.0.
CVE-2025-58979 2 Berqier, Wordpress 2 Berqwp, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in BerqWP BerqWP searchpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BerqWP: from n/a through <= 2.2.53.
CVE-2025-58978 2 Wordpress, Wpswings 2 Wordpress, Pdf Generator For Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in WP Swings PDF Generator for WordPress pdf-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF Generator for WordPress: from n/a through <= 1.5.4.
CVE-2025-58977 2 Winwar, Wordpress 2 Wp Ebay Product Feeds, Wordpress 2026-04-01 N/A
Server-Side Request Forgery (SSRF) vulnerability in Rhys Wynne WP eBay Product Feeds ebay-feeds-for-wordpress allows Server Side Request Forgery.This issue affects WP eBay Product Feeds: from n/a through <= 3.4.8.
CVE-2025-58976 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Equalize Digital Accessibility Checker by Equalize Digital accessibility-checker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Checker by Equalize Digital: from n/a through <= 1.31.0.
CVE-2025-58975 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings advanced-settings allows Cross Site Request Forgery.This issue affects Advanced Settings: from n/a through <= 3.1.1.
CVE-2025-58974 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP WPComplete wpcomplete allows Stored XSS.This issue affects WPComplete: from n/a through <= 2.9.5.2.
CVE-2025-58973 2 Hashthemes, Wordpress 2 Easy Elementor Addons, Wordpress 2026-04-01 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows PHP Local File Inclusion.This issue affects Easy Elementor Addons: from n/a through <= 2.2.8.
CVE-2025-58969 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Greg Winiarski Custom Login URL custom-login-url allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login URL: from n/a through <= 1.0.2.
CVE-2025-58968 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks maxi-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MaxiBlocks: from n/a through <= 2.1.3.
CVE-2025-58965 2 Agency Dominion, Wordpress 2 Fusion Page Builder, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agency Dominion Inc. Fusion Page Builder : Extension &#8211; Gallery fusion-extension-gallery allows Stored XSS.This issue affects Fusion Page Builder : Extension &#8211; Gallery: from n/a through <= 1.7.6.
CVE-2025-58962 1 Wordpress 1 Wordpress 2026-04-01 N/A
Server-Side Request Forgery (SSRF) vulnerability in publitio Publitio publitio allows Server Side Request Forgery.This issue affects Publitio: from n/a through <= 2.2.1.