Search

Expected end of text, found 'èmes' (at char 20), (line:1, col:21)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (342050 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-23682 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bhuvnesh Gupta Preloader Quotes preloader-quotes allows Reflected XSS.This issue affects Preloader Quotes: from n/a through <= 1.0.0.
CVE-2025-23681 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tahminajannat REDIRECTION PLUS redirection-plus allows Reflected XSS.This issue affects REDIRECTION PLUS: from n/a through <= 2.0.0.
CVE-2025-23680 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Narnoo Narnoo Operator narnoo-shortcodes allows Reflected XSS.This issue affects Narnoo Operator: from n/a through <= 2.0.0.
CVE-2025-23679 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Flourish Pixel FP RSS Category Excluder fp-rss-category-excluder allows Reflected XSS.This issue affects FP RSS Category Excluder: from n/a through <= 1.0.0.
CVE-2025-23678 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Md Imranur Rahman LocalGrid localgrid allows Reflected XSS.This issue affects LocalGrid: from n/a through <= 1.0.1.
CVE-2025-23677 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in DSmidge HTTP to HTTPS link changer by Eyga.net https-links-in-content allows Stored XSS.This issue affects HTTP to HTTPS link changer by Eyga.net: from n/a through <= 0.2.4.
CVE-2025-23676 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shawfactor LH Email lh-email allows Reflected XSS.This issue affects LH Email: from n/a through <= 1.12.
CVE-2025-23675 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Sana Ullah Import Users to MailChimp import-users-to-mailchimp allows Stored XSS.This issue affects Import Users to MailChimp: from n/a through <= 1.0.
CVE-2025-23674 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andygauk Bit.ly linker bitly-linker allows Reflected XSS.This issue affects Bit.ly linker: from n/a through <= 1.1.
CVE-2025-23673 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in dkukral Email on Publish email-on-publish allows Stored XSS.This issue affects Email on Publish: from n/a through <= 1.5.
CVE-2025-23672 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tenteeglobal Instant Appointment instant-appointment allows Reflected XSS.This issue affects Instant Appointment: from n/a through <= 1.2.
CVE-2025-23671 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sav WP OpenSearch wp-opensearch allows Stored XSS.This issue affects WP OpenSearch: from n/a through <= 1.0.
CVE-2025-23670 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in montashov 4 author cheer up donate 4-author-cheer-up-donate allows Reflected XSS.This issue affects 4 author cheer up donate: from n/a through <= 1.3.
CVE-2025-23669 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nurul Amin WP Smart Tooltip wp-smart-tool-tip allows Stored XSS.This issue affects WP Smart Tooltip: from n/a through <= 1.0.0.
CVE-2025-23668 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mauricio Urrego ChatGPT Open AI Images & Content for WooCommerce glasses-for-woocommerce allows Reflected XSS.This issue affects ChatGPT Open AI Images & Content for WooCommerce: from n/a through <= 2.2.0.
CVE-2025-23667 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Christopher Churchill custom-post-edit front-end-post-edit allows Reflected XSS.This issue affects custom-post-edit: from n/a through <= 1.0.4.
CVE-2025-23666 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cxc-sawa Management-screen-droptiles cxc-sawa allows Reflected XSS.This issue affects Management-screen-droptiles: from n/a through <= 1.0.
CVE-2025-23665 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Ravi Kumar Vanukuru RSV GMaps rsv-google-maps allows Stored XSS.This issue affects RSV GMaps: from n/a through <= 1.5.
CVE-2025-23664 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Real Seguro Viagem Real Seguro Viagem seguro-viagem allows Stored XSS.This issue affects Real Seguro Viagem: from n/a through <= 2.0.5.
CVE-2025-23663 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adrian Vaquez Contexto contexto allows Reflected XSS.This issue affects Contexto: from n/a through <= 1.0.