Search

Expected end of text, found '.' (at char 12), (line:1, col:13)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341807 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-57957 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in wpcraft WooMS wooms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooMS: from n/a through <= 9.12.
CVE-2025-57956 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpcraft WooMS wooms allows Stored XSS.This issue affects WooMS: from n/a through <= 9.12.
CVE-2025-57955 2 Plugin-devs, Wordpress 2 Post Carousel Slider For Elementor, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Plugin Devs Post Carousel Slider for Elementor post-carousel-slider-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Carousel Slider for Elementor: from n/a through <= 1.7.0.
CVE-2025-57954 2 Ays-pro, Wordpress 2 Poll Maker, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Poll Maker poll-maker allows DOM-Based XSS.This issue affects Poll Maker: from n/a through <= 6.0.2.
CVE-2025-57953 2 100plugins, Wordpress 2 Open User Map, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through <= 1.4.14.
CVE-2025-57952 2 Icopydoc, Wordpress 2 Maps For Wp, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icopydoc Maps for WP maps-for-wp allows Stored XSS.This issue affects Maps for WP: from n/a through <= 1.2.5.
CVE-2025-57951 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ken107 SiteNarrator Text-to-Speech Widget sitespeaker-widget allows Stored XSS.This issue affects SiteNarrator Text-to-Speech Widget: from n/a through <= 1.9.
CVE-2025-57950 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Glen Scott Plugin Security Scanner plugin-security-scanner allows Stored XSS.This issue affects Plugin Security Scanner: from n/a through <= 2.0.2.
CVE-2025-57949 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in oggix Ongkoskirim.id ongkoskirim-id allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ongkoskirim.id: from n/a through <= 1.0.6.
CVE-2025-57948 2 E-plugins, Wordpress 2 Directory Pro, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Directory Pro directory-pro allows DOM-Based XSS.This issue affects Directory Pro: from n/a through <= 2.5.5.
CVE-2025-57947 2 Ays-pro, Wordpress 2 Photo Gallery, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Photo Gallery by Ays gallery-photo-gallery allows DOM-Based XSS.This issue affects Photo Gallery by Ays: from n/a through <= 6.3.8.
CVE-2025-57946 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Loc Bui payOS payos allows Cross Site Request Forgery.This issue affects payOS: from n/a through <= 1.0.73.
CVE-2025-57945 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cedcommerce WP Advanced PDF wp-advanced-pdf allows Stored XSS.This issue affects WP Advanced PDF: from n/a through <= 1.1.7.
CVE-2025-57944 2 Skimlinks, Wordpress 2 Affiliate Marketing Tool, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool skimlinks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Skimlinks Affiliate Marketing Tool: from n/a through <= 1.3.
CVE-2025-57943 2 Skimlinks, Wordpress 2 Affiliate Marketing Tool, Wordpress 2026-04-01 N/A
Server-Side Request Forgery (SSRF) vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool skimlinks allows Server Side Request Forgery.This issue affects Skimlinks Affiliate Marketing Tool: from n/a through <= 1.3.1.
CVE-2025-57942 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Emergency Password Reset emergency-password-reset allows Cross Site Request Forgery.This issue affects Emergency Password Reset: from n/a through <= 9.3.
CVE-2025-57941 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JonathanMH Append Link on Copy append-link-on-copy allows Stored XSS.This issue affects Append Link on Copy: from n/a through <= 0.2.
CVE-2025-57940 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh Kumar Mukhiya Append extensions on Pages append-extensions-on-pages allows Stored XSS.This issue affects Append extensions on Pages: from n/a through <= 1.1.2.
CVE-2025-57939 3 Blocksera, Elementor, Wordpress 3 Image Hover Effects, Elementor, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Blocksera Image Hover Effects – Elementor Addon image-hover-effects-addon-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Hover Effects – Elementor Addon: from n/a through <= 1.4.4.
CVE-2025-57938 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themewant Easy Hotel Booking easy-hotel allows DOM-Based XSS.This issue affects Easy Hotel Booking: from n/a through <= 1.9.0.