CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

4380 matches found

EUVD•added 2025/12/09 6:30 p.m.•3 views

EUVD-2025-201968

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hogash Kallyas kallyas allows DOM-Based XSS.This issue affects Kallyas: from n/a through = 4.22.0...

6.5CVSS5.9AI score0.00204EPSS

Exploits0References2

EUVD•added 2025/12/09 6:30 p.m.•2 views

EUVD-2025-201983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows DOM-Based XSS.This issue affects Xpro Elementor Addons: from n/a through = 1.4.19.1...

6.5CVSS5.9AI score0.00211EPSS

Exploits0References2

EUVD•added 2025/12/09 6:30 p.m.•3 views

EUVD-2025-201987

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through = 1.9.9.5.4...

5.9AI score0.00161EPSS

Exploits0References2

EUVD•added 2025/12/09 6:30 p.m.•3 views

EUVD-2025-201998

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows DOM-Based XSS.This issue affects WP Hotel Booking: from n/a through = 2.2.7...

5.9AI score0.00167EPSS

Exploits0References2

NVD•added 2025/12/09 4:18 p.m.•3 views

CVE-2025-67553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows DOM-Based XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...

6.5CVSS0.00161EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•1 views

CVE-2025-67549

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik oik allows DOM-Based XSS.This issue affects oik: from n/a through = 4.15.3...

6.5CVSS0.00161EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•3 views

CVE-2025-67539

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Select-Themes Select Core select-core allows DOM-Based XSS.This issue affects Select Core: from n/a through 2.6...

6.5CVSS0.00156EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•2 views

CVE-2025-67542

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SilkyPress Multi-Step Checkout for WooCommerce wp-multi-step-checkout allows DOM-Based XSS.This issue affects Multi-Step Checkout for WooCommerce: from n/a through = 2.33...

6.5CVSS0.00161EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•3 views

CVE-2025-63061

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hogash KALLYAS kallyas allows DOM-Based XSS.This issue affects KALLYAS: from n/a through 4.25.0...

6.5CVSS0.00204EPSS

Exploits0References1

OSV•added 2025/12/09 4:18 p.m.•3 views

CVE-2025-63045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in averta Master Slider Pro masterslider allows DOM-Based XSS.This issue affects Master Slider Pro: from n/a through = 3.7.12...

6.5CVSS5.8AI score0.00214EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•2 views

CVE-2025-63044

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows DOM-Based XSS.This issue affects Xpro Elementor Addons: from n/a through = 1.4.19.1...

6.5CVSS0.00211EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•5 views

CVE-2025-63045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in averta Master Slider Pro masterslider allows DOM-Based XSS.This issue affects Master Slider Pro: from n/a through = 3.7.12...

6.5CVSS0.00214EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•1 views

CVE-2025-63037

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DFDevelopment Ronneby Theme Core ronneby-core allows DOM-Based XSS.This issue affects Ronneby Theme Core: from n/a through = 1.5.68...

6.5CVSS0.00161EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•2 views

CVE-2025-63011

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows DOM-Based XSS.This issue affects WP Hotel Booking: from n/a through = 2.2.8...

5.9CVSS0.00167EPSS

Exploits0References1

Vulnrichment•added 2025/12/09 2:52 p.m.•2 views

CVE-2025-63073 WordPress The7 theme < 12.9.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dream-Theme The7 dt-the7 allows DOM-Based XSS.This issue affects The7: from n/a through 12.9.0...

6.5CVSS5.9AI score0.00161EPSS

Exploits0References1

CVE•added 2025/12/09 2:52 p.m.•15 views

CVE-2025-63075

The CVE describes a DOM-based XSS in the WordPress Betheme theme, affecting Betheme versions up to 28.1.7. Root cause per the sources is improper neutralization of input during web page generation, enabling DOM-Based XSS without server-side code execution. Affected component: Betheme (WordPress t...

6.5CVSS5.9AI score0.00161EPSS

Exploits0References1

CVE•added 2025/12/09 2:52 p.m.•10 views

CVE-2025-63073

The CVE-2025-63073 entry concerns the WordPress Dream-Theme The7 (dt-the7) WordPress theme up to version 12.8.0.2, with a DOM-based XSS caused by improper input neutralization during web page generation. The issue affects The7 versions

6.5CVSS5.9AI score0.00161EPSS

Exploits0References1

Vulnrichment•added 2025/12/09 2:52 p.m.•3 views

CVE-2025-63057 WordPress Wp Ultimate Review plugin <= 2.3.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows DOM-Based XSS.This issue affects Wp Ultimate Review: from n/a through = 2.3.7...

6.5CVSS5.2AI score0.00231EPSS

Exploits0References1

CVE•added 2025/12/09 2:52 p.m.•12 views

CVE-2025-63057

CVE-2025-63057 refers to a DOM-based XSS in the WordPress plugin WP Ultimate Review (Roxnor) affecting versions from and including up to 2.3.7. The vulnerability arises from improper input neutralization during web page generation, enabling cross-site scripting on pages rendered by the plugin. Pu...

6.5CVSS5.9AI score0.00231EPSS

Exploits0References1

Vulnrichment•added 2025/12/09 2:52 p.m.•1 views

CVE-2025-63046 WordPress ListingPro plugin <= 2.9.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro listingpro-plugin allows DOM-Based XSS.This issue affects ListingPro: from n/a through = 2.9.9...

6.5CVSS6AI score0.00211EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by