Touchbase.ai Project CVEs and Security Vulnerabilities

Search

Expected end of text, found '.' (at char 16), (line:1, col:17)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (328531 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-62111	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webvitaly Extra Shortcodes allows Stored XSS.This issue affects Extra Shortcodes: from n/a through 2.2.
CVE-2025-62109	2 Infinitumform, Wordpress	2 Geo Controller, Wordpress	2026-01-20	7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through <= 8.9.4.
CVE-2025-62108	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in SaifuMak Add Custom Codes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Add Custom Codes: from n/a through 4.80.
CVE-2025-62107	2 Pluginops, Wordpress	2 Feather Login Page, Wordpress	2026-01-20	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in PluginOps Feather Login Page allows Cross Site Request Forgery.This issue affects Feather Login Page: from n/a through 1.1.7.
CVE-2025-62103	2 Wordpress, Wpmediadownload	2 Wordpress, Media Library File Download	2026-01-20	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpmediadownload Media Library File Download media-download allows Cross Site Request Forgery.This issue affects Media Library File Download: from n/a through <= 1.4.
CVE-2025-62102	2 Apasionados, Wordpress	2 Dofollow Case By Case, Wordpress	2026-01-20	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in apasionados DoFollow Case by Case dofollow-case-by-case allows Cross Site Request Forgery.This issue affects DoFollow Case by Case: from n/a through <= 3.5.1.
CVE-2025-62101	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Omid Shamloo Pardakht Delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through 3.0.0.
CVE-2025-62100	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in themerain ThemeRain Core themerain-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeRain Core: from n/a through <= 1.1.9.
CVE-2025-62099	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in Approveme Signature Add-On for Gravity Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Signature Add-On for Gravity Forms: from n/a through 1.8.6.
CVE-2025-62098	2 Totalsoft, Wordpress	2 Portfolio Gallery, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in Totalsoft Portfolio Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through 1.4.8.
CVE-2025-62097	2 Seothemes, Wordpress	2 Seo Slider, Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SEOthemes SEO Slider allows DOM-Based XSS.This issue affects SEO Slider: from n/a through 1.1.1.
CVE-2025-62096	2 Wordpress, Wpfactory	2 Wordpress, Maximum Products Per User For Woocommerce	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Maximum Products per User for WooCommerce allows Stored XSS.This issue affects Maximum Products per User for WooCommerce: from n/a through 4.4.2.
CVE-2025-62095	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Neilgee Bootstrap Modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through 1.3.2.
CVE-2025-62094	3 Elementor, Voidthemes, Wordpress	3 Elementor, Void Elementor Whmcs Elements For Elementor Page Builder, Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Voidthemes Void Elementor WHMCS Elements For Elementor Page Builder.This issue affects Void Elementor WHMCS Elements For Elementor Page Builder: from n/a through 2.0.1.2.
CVE-2025-62093	1 Wordpress	1 Wordpress	2026-01-20	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Image&Video FullScreen Background lbg_fullscreen_fullwidth_slider allows SQL Injection.This issue affects Image&Video FullScreen Background: from n/a through <= 1.6.7.
CVE-2025-62092	2 Wiremo, Wordpress	2 Wiremo, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in Wiremo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wiremo: from n/a through 1.4.99.
CVE-2025-62091	2 Vollstart, Wordpress	2 Serial Codes Generator And Validator With Woocommerce Support, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.8.2.
CVE-2025-62090	2 Jegstudio, Wordpress	3 Gutenverse, Gutenverse News, Wordpress	2026-01-20	6.5 Medium
Missing Authorization vulnerability in Jegstudio Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons gutenverse-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons: from n/a through <= 3.0.2.
CVE-2025-62089	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in MERGADO Mergado Pack allows Cross Site Request Forgery.This issue affects Mergado Pack: from n/a through 4.2.0.
CVE-2025-62088	2 Extendons, Wordpress	2 Wordpress & Woocommerce Scraper Plugin, Wordpress	2026-01-20	5.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in extendons WordPress & WooCommerce Scraper Plugin, Import Data from Any Site allows Server Side Request Forgery.This issue affects WordPress & WooCommerce Scraper Plugin, Import Data from Any Site: from n/a through 1.0.7.

« first previous Page 53 of 16427. next last »