Total
43804 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39514 | 1 Asgaros | 1 Asgaros Forum | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asgaros Asgaros Forum asgaros-forum allows Stored XSS.This issue affects Asgaros Forum: from n/a through <= 3.2.1. | ||||
| CVE-2025-39509 | 1 Themencode | 1 Tnc Flipbook | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode TNC FlipBook pdf-viewer-for-wordpress allows Stored XSS.This issue affects TNC FlipBook: from n/a through <= 12.1.0. | ||||
| CVE-2025-39508 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NasaTheme Nasa Core nasa-core allows Reflected XSS.This issue affects Nasa Core: from n/a through <= 6.4.4. | ||||
| CVE-2025-39505 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Goodlayers Hotel gdlr-hotel allows Reflected XSS.This issue affects Goodlayers Hotel: from n/a through <= 3.1.4. | ||||
| CVE-2025-39502 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Goodlayers Hostel gdlr-hostel allows Reflected XSS.This issue affects Goodlayers Hostel: from n/a through <= 3.1.2. | ||||
| CVE-2025-39497 | 2 Dokan, Wordpress | 2 Dokan Pro Plugin, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dokan Dokan Pro dokan-pro allows Stored XSS.This issue affects Dokan Pro: from n/a through <= 3.14.5. | ||||
| CVE-2025-39488 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sneeit MagOne magone allows Reflected XSS.This issue affects MagOne: from n/a through <= 8.8. | ||||
| CVE-2025-39487 | 1 Valvepress | 1 Rankie | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ValvePress Rankie valvepress-rankie allows Reflected XSS.This issue affects Rankie: from n/a through <= 1.8.2. | ||||
| CVE-2025-39478 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smartiolabs Smart Notification smio-push-notification allows Reflected XSS.This issue affects Smart Notification: from n/a through <= 10.3. | ||||
| CVE-2025-39469 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pantherius Modal Survey modal-survey.This issue affects Modal Survey: from n/a through <= 2.0.2.0.1. | ||||
| CVE-2025-39464 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtowebsites AdminQuickbar adminquickbar allows Reflected XSS.This issue affects AdminQuickbar: from n/a through <= 1.9.1. | ||||
| CVE-2025-39450 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetTabs jet-tabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through <= 2.2.7. | ||||
| CVE-2025-39448 | 1 Crocoblock | 1 Jetelements For Elementor | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.4.1. | ||||
| CVE-2025-39446 | 1 Booster | 1 Booster For Woocommerce | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl LLC Booster Plus for WooCommerce booster-plus-for-woocommerce allows Reflected XSS.This issue affects Booster Plus for WooCommerce: from n/a through <= 7.2.4. | ||||
| CVE-2025-39444 | 1 Maxfoundry | 1 Maxbuttons | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maxfoundry MaxButtons maxbuttons allows Stored XSS.This issue affects MaxButtons: from n/a through <= 9.8.3. | ||||
| CVE-2025-39432 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in antonchanning bbPress2 shortcode whitelist bbpress2-shortcode-whitelist allows Stored XSS.This issue affects bbPress2 shortcode whitelist: from n/a through <= 2.2.1. | ||||
| CVE-2025-39428 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maros Pristas Gravity Forms CSS Themes with Fontawesome and Placeholders gravity-forms-css-themes-with-fontawesome-and-placeholder-support allows Stored XSS.This issue affects Gravity Forms CSS Themes with Fontawesome and Placeholders: from n/a through <= 8.5. | ||||
| CVE-2025-39427 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Beth Tucker Long WP Post to PDF Enhanced wp-post-to-pdf-enhanced allows Stored XSS.This issue affects WP Post to PDF Enhanced: from n/a through <= 1.1.1. | ||||
| CVE-2025-39420 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ruudkok WP Twitter Button wp-twitter-button allows Stored XSS.This issue affects WP Twitter Button: from n/a through <= 1.4.1. | ||||
| CVE-2025-39409 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pressaholic WordPress Video Robot - The Ultimate Video Importer wp-video-robot.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through <= 1.20.0. | ||||