Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (46096 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-32528 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maximevalette iCal Feeds ical-feeds allows Reflected XSS.This issue affects iCal Feeds: from n/a through <= 1.5.3.
CVE-2025-32187 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Quý Lê 91 Administrator Z administrator-z allows DOM-Based XSS.This issue affects Administrator Z: from n/a through <= 2026.03.02.
CVE-2025-32183 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Galaxy Weblinks Video Playlist For YouTube video-playlist-for-youtube allows Stored XSS.This issue affects Video Playlist For YouTube: from n/a through <= 6.7.1.
CVE-2025-31875 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluginic FancyPost post-block allows DOM-Based XSS.This issue affects FancyPost: from n/a through <= 6.0.1.
CVE-2025-30893 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LeadConnector LeadConnector leadconnector allows DOM-Based XSS.This issue affects LeadConnector: from n/a through <= 3.0.2.
CVE-2025-30808 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Weblizar - WordPress Themes & Plugin About Author about-author allows Reflected XSS.This issue affects About Author: from n/a through <= 1.6.2.
CVE-2025-30536 1 Wordpress 1 Wordpress 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zeitwesentech Beautiful Link Preview beautiful-link-preview allows Stored XSS.This issue affects Beautiful Link Preview: from n/a through <= 1.5.0.
CVE-2025-24735 1 Wordpress 1 Wordpress 2026-04-28 7.7 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chatra Chatra Live Chat + ChatBot + Cart Saver allows Stored XSS. This issue affects Chatra Live Chat + ChatBot + Cart Saver: from n/a through 1.0.11.
CVE-2025-23772 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eugenio Petulla’ imaGenius imagenius allows Stored XSS.This issue affects imaGenius: from n/a through <= 1.7.
CVE-2025-22794 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ianhaycox World Cup Predictor world-cup-predictor allows Reflected XSS.This issue affects World Cup Predictor: from n/a through <= 1.9.8.
CVE-2024-56026 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg – SiteOrigin Simple Proxy simple-proxy allows Reflected XSS.This issue affects Simple Proxy: from n/a through <= 1.0.
CVE-2024-53745 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 코스모스팜 – Cosmosfarm 소셜 공유 버튼 By 코스모스팜 cosmosfarm-share-buttons allows Stored XSS.This issue affects 소셜 공유 버튼 By 코스모스팜: from n/a through <= 1.9.
CVE-2024-51917 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lequanghuylc Multiple Votes in one page multiple-votes-in-one-page allows Stored XSS.This issue affects Multiple Votes in one page: from n/a through <= 1.0.4.
CVE-2024-51916 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative Brahma Multifox Plus multifox-plus allows DOM-Based XSS.This issue affects Multifox Plus: from n/a through <= 1.1.6.
CVE-2024-51901 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wojciechborowicz Smooth Maps colour-smooth-maps allows Stored XSS.This issue affects Smooth Maps: from n/a through <= 1.1.
CVE-2024-51808 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pat O’Brien codeSnips codesnips allows Stored XSS.This issue affects codeSnips: from n/a through <= 1.2.
CVE-2024-51802 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bread & Butter Bread & Butter bread-butter allows DOM-Based XSS.This issue affects Bread & Butter: from n/a through <= 7.4.857.
CVE-2024-49301 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sinan Yorulmaz G Meta Keywords g-meta-keywords allows Stored XSS.This issue affects G Meta Keywords: from n/a through <= 1.4.
CVE-2024-49280 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Weblizar - WordPress Themes & Plugin Lightbox slider – Responsive Lightbox Gallery simple-lightbox-gallery allows Stored XSS.This issue affects Lightbox slider – Responsive Lightbox Gallery: from n/a through <= 1.10.6.
CVE-2024-4747 1 Propovoice 1 Propovoice Crm 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Propovoice Propovoice CRM allows Stored XSS.This issue affects Propovoice CRM: from n/a through 1.7.6.2.