CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

4380 matches found

Vulnrichment•added 2026/01/05 1:33 p.m.•3 views

CVE-2024-23511 WordPress The Plus Addons for Elementor plugin <= 5.3.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.3.3...

6.5CVSS6AI score0.00128EPSS

Exploits0References1

EUVD•added 2026/01/05 1:33 p.m.•2 views

EUVD-2024-21006

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.3.3...

6.5CVSS7.9AI score0.00128EPSS

Exploits0References2

Vulnrichment•added 2026/01/05 1:30 p.m.•3 views

CVE-2023-51513 WordPress Geo Controller plugin <= 8.5.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2...

6.5CVSS6AI score0.00135EPSS

Exploits0References1

Positive Technologies•added 2026/01/05 12:0 a.m.•2 views

PT-2026-1283

Name of the Vulnerable Software and Affected Versions The Plus Addons for Elementor Page Builder Lite versions through 5.3.3 Description The Plus Addons for Elementor Page Builder Lite is susceptible to a DOM-Based Cross-site Scripting issue due to improper input neutralization during web page...

6.5CVSS6.3AI score0.00128EPSS

Exploits0References3

CNNVD•added 2026/01/05 12:0 a.m.•1 views

WordPress plugin The Plus Addons for Elementor Page Builder Lite 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.8AI score0.00128EPSS

Exploits0References2

CNNVD•added 2026/01/05 12:0 a.m.•3 views

WordPress plugin Machic Core 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS8AI score0.00143EPSS

Exploits0References2

RedhatCVE•added 2026/01/01 2:18 p.m.•2 views

CVE-2025-62119

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ViitorCloud Technologies Pvt Ltd Add Featured Image Custom Link custom-url-to-featured-image allows DOM-Based XSS.This issue affects Add Featured Image Custom Link: from n/a through = 2.0.0...

5.9CVSS5.9AI score0.00176EPSS

Exploits0References1

RedhatCVE•added 2026/01/01 1:34 p.m.•4 views

CVE-2025-62750

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Filipe Seabra WooCommerce Parcelas woocommerce-parcelas allows DOM-Based XSS.This issue affects WooCommerce Parcelas: from n/a through = 1.3.5...

5.9CVSS5.9AI score0.00182EPSS

Exploits0References1

RedhatCVE•added 2026/01/01 1:34 p.m.•3 views

CVE-2025-62097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in seothemes SEO Slider seo-slider allows DOM-Based XSS.This issue affects SEO Slider: from n/a through = 1.1.1...

6.5CVSS5.9AI score0.0013EPSS

Exploits0References1

RedhatCVE•added 2026/01/01 12:17 p.m.•8 views

CVE-2025-62757

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...

6.5CVSS5.9AI score0.00173EPSS

Exploits0References1

RedhatCVE•added 2026/01/01 12:17 p.m.•11 views

CVE-2025-62748

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder vc-addons-by-bit14 allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through = 1.5...

6.5CVSS5.9AI score0.00173EPSS

Exploits0References1

RedhatCVE•added 2026/01/01 12:17 p.m.•10 views

CVE-2025-62135

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in landwire Responsive Block Control responsive-block-control allows DOM-Based XSS.This issue affects Responsive Block Control: from n/a through = 1.3.0...

6.5CVSS5.9AI score0.00173EPSS

Exploits0References1

RedhatCVE•added 2026/01/01 12:17 p.m.•6 views

CVE-2025-62752

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kalender.digital Kalender.digital kalender-digital allows DOM-Based XSS.This issue affects Kalender.digital: from n/a through = 1.0.13...

6.5CVSS5.9AI score0.00168EPSS

Exploits0References1

NVD•added 2025/12/31 5:15 p.m.•3 views

CVE-2025-63021

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codetipi Valenti Engine valenti-engine allows DOM-Based XSS.This issue affects Valenti Engine: from n/a through = 1.0.3...

6.5CVSS0.0017EPSS

Exploits0References1

CVE•added 2025/12/31 4:49 p.m.•8 views

CVE-2025-63021

Valenti Engine (WordPress) is listed in the Wordfence digest as CVE-2025-63021: an authenticated (Contributor+) Stored Cross-Site Scripting vulnerability affecting Valenti Engine versions up to 1.0.3. The connected document provides the vulnerability type and affected version but does not disclos...

6.5CVSS5.9AI score0.0017EPSS

Exploits0References1

Cvelist•added 2025/12/31 4:49 p.m.•25 views

CVE-2025-63021 WordPress Valenti Engine plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codetipi Valenti Engine valenti-engine allows DOM-Based XSS.This issue affects Valenti Engine: from n/a through = 1.0.3...

6.5CVSS0.0017EPSS

Exploits0References1

RedhatCVE•added 2025/12/31 4:9 p.m.•7 views

CVE-2025-64190

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.6...

6.5CVSS5.9AI score0.0013EPSS

Exploits0References1

NVD•added 2025/12/31 2:15 p.m.•6 views

CVE-2025-62750

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Filipe Seabra WooCommerce Parcelas woocommerce-parcelas allows DOM-Based XSS.This issue affects WooCommerce Parcelas: from n/a through = 1.3.5...

5.9CVSS0.00182EPSS

Exploits0References1

NVD•added 2025/12/31 2:15 p.m.•4 views

CVE-2025-62097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in seothemes SEO Slider seo-slider allows DOM-Based XSS.This issue affects SEO Slider: from n/a through = 1.1.1...

6.5CVSS0.0013EPSS

Exploits0References1

EUVD•added 2025/12/31 1:43 p.m.•2 views

EUVD-2025-205960

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ViitorCloud Technologies Pvt Ltd Add Featured Image Custom Link allows DOM-Based XSS.This issue affects Add Featured Image Custom Link: from n/a through 2.0.0...

5.9CVSS5.9AI score0.00176EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by