Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (44025 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-62024 2 Jonathanjernigan, Wordpress 2 Pie Calendar, Wordpress 2026-01-20 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonathan Jernigan Pie Calendar pie-calendar.This issue affects Pie Calendar: from n/a through <= 1.2.9.
CVE-2025-62020 2 Infomaniak, Wordpress 2 Vod Infomaniak, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infomaniak Network VOD Infomaniak vod-infomaniak.This issue affects VOD Infomaniak: from n/a through <= 1.5.11.
CVE-2025-62012 3 Codexthemes, Elementor, Wordpress 3 Thegem, Elementor, Wordpress 2026-01-20 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem (Elementor) thegem-elementor.This issue affects TheGem (Elementor): from n/a through <= 5.10.5.
CVE-2025-62011 2 Codexthemes, Wordpress 2 Thegem, Wordpress 2026-01-20 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem thegem.This issue affects TheGem: from n/a through <= 5.10.5.
CVE-2025-60246 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weissmike Simple Finance Calculator simple-finance-calculator allows Reflected XSS.This issue affects Simple Finance Calculator: from n/a through <= 1.0.
CVE-2025-60182 2 Schiocco, Wordpress 2 Support Board, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through < 3.8.7.
CVE-2025-60176 1 Wordpress 1 Wordpress 2026-01-20 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tattersoftware WP Tesseract wp-tesseract allows Stored XSS.This issue affects WP Tesseract: from n/a through <= 1.0.2.
CVE-2025-60135 1 Wordpress 1 Wordpress 2026-01-20 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NIKITAS GEORGOPOULOS WeShare Buttons e-mailit allows Stored XSS.This issue affects WeShare Buttons: from n/a through <= 13.0.0.
CVE-2025-60131 1 Wordpress 1 Wordpress 2026-01-20 5.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoefff Werk aan de Muur werk-aan-de-muur allows Stored XSS.This issue affects Werk aan de Muur: from n/a through <= 1.5.
CVE-2025-59556 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup GoStore gostore allows Reflected XSS.This issue affects GoStore: from n/a through < 1.6.4.
CVE-2025-59135 1 Wordpress 1 Wordpress 2026-01-20 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eLEOPARD Behance Portfolio Manager allows Stored XSS.This issue affects Behance Portfolio Manager: from n/a through 1.7.5.
CVE-2025-59006 3 Themebon, Woocommerce, Wordpress 3 Easy Woocommerce Customizer, Woocommerce, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themebon Easy Woocommerce Customizer easy-woocommerce-customizer allows Reflected XSS.This issue affects Easy Woocommerce Customizer: from n/a through <= 1.0.2.
CVE-2025-58966 2 Basixonline, Wordpress 2 Nex-forms, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Basix NEX-Forms LITE nex-forms-lite allows Reflected XSS.This issue affects NEX-Forms LITE: from n/a through < 8.2.
CVE-2025-58964 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Enzy enzy allows Reflected XSS.This issue affects Enzy: from n/a through < 1.6.4.
CVE-2025-58961 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kamleshyadav CF7 Auto Responder Addon CF7-autoresponder-addon allows DOM-Based XSS.This issue affects CF7 Auto Responder Addon: from n/a through <= 2.4.
CVE-2025-58921 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arevico WP Tactical Popup wp-tactical-popup allows Reflected XSS.This issue affects WP Tactical Popup: from n/a through <= 1.1.
CVE-2025-58916 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Munzir Author: Munzir myshouts-shoutbox allows Reflected XSS.This issue affects Author: Munzir: from n/a through <= 0.9.
CVE-2025-58638 2 E-plugins, Wordpress 2 Institutions Directory, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Institutions Directory institutions-directory allows Reflected XSS.This issue affects Institutions Directory: from n/a through <= 1.3.3.
CVE-2025-57897 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in venusweb Logtik logtik allows Reflected XSS.This issue affects Logtik: from n/a through <= 2.3.
CVE-2025-54737 2 Nootheme, Wordpress 2 Jobmonster, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster noo-jobmonster allows Reflected XSS.This issue affects Jobmonster: from n/a through <= 4.7.8.