Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (44848 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-58989 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in silverplugins217 Dynamic Text Field For Contact Form 7 dynamic-text-field-for-contact-form-7 allows Stored XSS.This issue affects Dynamic Text Field For Contact Form 7: from n/a through <= 1.0.
CVE-2025-58988 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Dolson My Tickets my-tickets allows Stored XSS.This issue affects My Tickets: from n/a through <= 2.0.22.
CVE-2025-58987 2 Antoineh, Wordpress 2 Football Pool, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AntoineH Football Pool football-pool allows Stored XSS.This issue affects Football Pool: from n/a through <= 2.12.6.
CVE-2025-58985 3 Woocommerce, Wordpress, Wpfactory 3 Woocommerce, Wordpress, Additional Custom Product Tabs For Woocommerce 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce product-tabs-for-woocommerce allows Stored XSS.This issue affects Additional Custom Product Tabs for WooCommerce: from n/a through <= 1.7.3.
CVE-2025-58984 2 Welcart, Wordpress 2 E-commerce, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Stored XSS.This issue affects Welcart e-Commerce: from n/a through <= 2.11.20.
CVE-2025-58983 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefano Lissa Include Me include-me allows Stored XSS.This issue affects Include Me: from n/a through <= 1.3.2.
CVE-2025-58982 2 Pixeline, Wordpress 2 Email Protector, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixeline Pixeline&#039;s Email Protector pixelines-email-protector allows Stored XSS.This issue affects Pixeline&#039;s Email Protector: from n/a through <= 1.3.8.
CVE-2025-58974 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP WPComplete wpcomplete allows Stored XSS.This issue affects WPComplete: from n/a through <= 2.9.5.2.
CVE-2025-58965 2 Agency Dominion, Wordpress 2 Fusion Page Builder, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agency Dominion Inc. Fusion Page Builder : Extension &#8211; Gallery fusion-extension-gallery allows Stored XSS.This issue affects Fusion Page Builder : Extension &#8211; Gallery: from n/a through <= 1.7.6.
CVE-2025-58960 2 Brijeshk89, Wordpress 2 Ip Based Login, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brijeshk89 IP Based Login ip-based-login allows Stored XSS.This issue affects IP Based Login: from n/a through <= 2.4.3.
CVE-2025-58917 3 Nick Verwymeren, Woocommerce, Wordpress 3 Quantities And Units For Woocommerce, Woocommerce, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Verwymeren Quantities and Units for WooCommerce quantities-and-units-for-woocommerce allows Stored XSS.This issue affects Quantities and Units for WooCommerce: from n/a through <= 1.0.13.
CVE-2025-58915 2 Emarket-design, Wordpress 2 Youtube Showcase, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in emarket-design Request a Quote request-a-quote allows Stored XSS.This issue affects Request a Quote: from n/a through <= 2.5.0.
CVE-2025-58887 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Course Finder | andré martin - it solutions &amp; research UG Course Booking Platform course-booking-platform allows Stored XSS.This issue affects Course Booking Platform: from n/a through <= 1.0.0.
CVE-2025-58886 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tan Nguyen Instant Locations instant-locations allows Stored XSS.This issue affects Instant Locations: from n/a through <= 1.0.
CVE-2025-58884 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ivan Drago vipdrv vipdrv-vip-test-drive allows Stored XSS.This issue affects vipdrv: from n/a through <= 1.0.3.
CVE-2025-58883 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thomas Harris Search Cloud One search-cloud-one allows Stored XSS.This issue affects Search Cloud One: from n/a through <= 2.2.5.
CVE-2025-58882 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in w1zzard Simple Text Slider simple-text-slider allows Stored XSS.This issue affects Simple Text Slider: from n/a through <= 1.0.5.
CVE-2025-58880 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reubenthiessen Translate This gTranslate Shortcode translate-this-google-translate-web-element-shortcode allows Stored XSS.This issue affects Translate This gTranslate Shortcode: from n/a through <= 1.0.
CVE-2025-58876 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ali Aghdam Aparat Video Shortcode aparat-shortcode allows Stored XSS.This issue affects Aparat Video Shortcode: from n/a through <= 0.2.4.
CVE-2025-58875 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sudar Muthu WP Github Gist wp-github-gist allows Stored XSS.This issue affects WP Github Gist: from n/a through <= 0.5.