CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

254 matches found

Vulnrichment•added 2025/04/17 3:48 p.m.•5 views

CVE-2025-23858 WordPress Custom Users Order Plugin <= 4.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiren Patel Custom Users Order custom-users-order allows Reflected XSS.This issue affects Custom Users Order: from n/a through = 4.2...

7.1CVSS5.9AI score0.00219EPSS

Exploits0References1

Cvelist•added 2025/04/17 3:47 p.m.•16 views

CVE-2025-32520 WordPress WordPress Health and Server Condition plugin <= 4.1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M. Ali Saleem WordPress Health and Server Condition – Integrated with Google Page Speed wp-condition allows Reflected XSS.This issue affects WordPress Health and Server Condition – Integrated with...

7.1CVSS0.00219EPSS

Exploits0References1

CVE•added 2025/04/17 3:47 p.m.•39 views

CVE-2025-32522

CVE-2025-32522 affects License Manager for WooCommerce (WordPress plugin) up to version 3.0.9, with a Reflected Cross-Site Scripting vulnerability caused by improper input neutralization during web page generation. CVSSv3.1 base score 7.1 (HIGH), attack vector NETWORK, user interaction REQUIRED. ...

7.1CVSS7.2AI score0.00669EPSS

Exploits0References1

Cvelist•added 2025/04/17 3:47 p.m.•9 views

CVE-2025-32530 WordPress Wallet System for WooCommerce plugin <= 2.6.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Swings Wallet System for WooCommerce wallet-system-for-woocommerce allows Reflected XSS.This issue affects Wallet System for WooCommerce: from n/a through = 2.6.8...

7.1CVSS0.00669EPSS

Exploits0References1

Cvelist•added 2025/04/17 3:47 p.m.•11 views

CVE-2025-32532 WordPress UXsniff plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pei Yong Goh UXsniff ux-sniff allows Reflected XSS.This issue affects UXsniff: from n/a through = 1.3.3...

7.1CVSS0.00219EPSS

Exploits0References1

Vulnrichment•added 2025/04/17 3:47 p.m.•4 views

CVE-2025-32588 WordPress Credova_Financial plugin <= 2.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Credova Financial CredovaFinancial allows Reflected XSS. This issue affects CredovaFinancial: from n/a through 2.4.8...

7.1CVSS6.9AI score0.00669EPSS

Exploits0References1

Vulnrichment•added 2025/04/17 3:47 p.m.•3 views

CVE-2025-32609 WordPress Verowa Connect Plugin <= 3.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Picture-Planet GmbH Verowa Connect verowa-connect allows Reflected XSS.This issue affects Verowa Connect: from n/a through = 3.0.4...

7.1CVSS8.6AI score0.00219EPSS

Exploits0References1

Cvelist•added 2025/04/17 3:47 p.m.•9 views

CVE-2025-32628 WordPress Crowdfunding for WooCommerce Plugin <= 3.1.12 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Wham Crowdfunding for WooCommerce crowdfunding-for-woocommerce allows Reflected XSS.This issue affects Crowdfunding for WooCommerce: from n/a through = 3.1.12...

7.1CVSS0.00669EPSS

Exploits0References1

Vulnrichment•added 2025/04/17 3:17 p.m.•4 views

CVE-2025-22651 WordPress Stylish Google Sheet Reader plugin <= 4.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wppluginboxdev Stylish Google Sheet Reader stylish-google-sheet-reader allows Reflected XSS.This issue affects Stylish Google Sheet Reader: from n/a through = 4.0...

7.1CVSS8.6AI score0.00219EPSS

Exploits0References1

Vulnrichment•added 2025/04/15 11:59 a.m.•6 views

CVE-2025-26982 WordPress DSGVO Youtube plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eric-Oliver Mächler DSGVO Youtube dsgvo-youtube allows DOM-Based XSS.This issue affects DSGVO Youtube: from n/a through = 1.5.1...

6.5CVSS8.6AI score0.00322EPSS

Exploits0References1

Vulnrichment•added 2025/04/11 8:42 a.m.•6 views

CVE-2025-32536 WordPress HTML5 Video Player with Playlist Plugin <= 2.50 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sandeep Verma HTML5 Video Player with Playlist allows Reflected XSS. This issue affects HTML5 Video Player with Playlist: from n/a through 2.50...

7.1CVSS7AI score0.00669EPSS

Exploits0References1

Cvelist•added 2025/04/11 8:42 a.m.•11 views

CVE-2025-32536 WordPress HTML5 Video Player with Playlist Plugin <= 2.50 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sandeep Verma HTML5 Video Player with Playlist html5-video-player-with-playlist allows Reflected XSS.This issue affects HTML5 Video Player with Playlist: from n/a through = 2.50...

7.1CVSS0.00669EPSS

Exploits0References1

Cvelist•added 2025/04/11 8:42 a.m.•10 views

CVE-2025-32525 WordPress Interactive Geo Maps plugin <= 1.6.24 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MapGeo Interactive Geo Maps interactive-geo-maps allows Reflected XSS.This issue affects Interactive Geo Maps: from n/a through = 1.6.24...

7.1CVSS0.00669EPSS

Exploits0References1

Vulnrichment•added 2025/04/09 4:10 p.m.•4 views

CVE-2025-31392 WordPress Smart Product Gallery Slider plugin <= 1.0.4 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Shameem Reza Smart Product Gallery Slider allows Cross Site Request Forgery. This issue affects Smart Product Gallery Slider: from n/a through 1.0.4...

7.1CVSS6.9AI score0.00216EPSS

Exploits0References1

Cvelist•added 2025/04/09 4:9 p.m.•10 views

CVE-2025-32495 WordPress Waymark plugin <= 1.5.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joe Waymark waymark allows Stored XSS.This issue affects Waymark: from n/a through = 1.5.3...

6.5CVSS0.00532EPSS

Exploits0References1

CVE•added 2025/04/04 3:59 p.m.•48 views

CVE-2025-32196

CVE-2025-32196: News Kit Elementor Addons (News Kit Elementor Addons) vulnerable to Stored XSS due to insufficient input handling; authenticated users (Contributor+) can exploit it. Affected versions include up to 1.3.1; patch status is Unpatched per Wordfence/related sources in connected documen...

6.5CVSS7.2AI score0.00854EPSS

Exploits0References1

Cvelist•added 2025/04/04 3:59 p.m.•10 views

CVE-2025-32193 WordPress Simple WP Events plugin <= 1.8.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMinds Simple WP Events simple-wp-events allows Stored XSS.This issue affects Simple WP Events: from n/a through = 1.8.17...

6.5CVSS0.00532EPSS

Exploits0References1

Cvelist•added 2025/04/04 3:58 p.m.•10 views

CVE-2025-32182 WordPress Spider Elements – Addons for Elementor plugin <= 1.6.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spider Themes Spider Elements spider-elements allows Stored XSS.This issue affects Spider Elements: from n/a through = 1.6.5...

6.5CVSS0.00883EPSS

Exploits0References1

Cvelist•added 2025/04/04 3:58 p.m.•16 views

CVE-2025-32131 WordPress Social Intents plugin <= 1.6.19 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in socialintents Social Intents live-chat-support-by-social-intents allows Stored XSS.This issue affects Social Intents: from n/a through = 1.6.19...

5.9CVSS0.01017EPSS

Exploits0References1

Vulnrichment•added 2025/04/03 1:27 p.m.•5 views

CVE-2025-31901 WordPress Digihood HTML Sitemap Plugin <= 3.1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Digihood Digihood HTML Sitemap allows Reflected XSS. This issue affects Digihood HTML Sitemap: from n/a through 3.1.1...

7.1CVSS7AI score0.00405EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by