Total
37700 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-28917 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Custom Smilies allows Stored XSS. This issue affects Custom Smilies: from n/a through 2.9.2. | |||||
| CVE-2025-25134 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Theme Demo Bar allows Reflected XSS. This issue affects Theme Demo Bar: from n/a through 1.6.3. | |||||
| CVE-2025-26560 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Contact Form III allows Reflected XSS. This issue affects WP Contact Form III: from n/a through 1.6.2d. | |||||
| CVE-2025-30800 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atawai Gum Elementor Addon allows Stored XSS. This issue affects Gum Elementor Addon: from n/a through 1.3.10. | |||||
| CVE-2025-26739 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themefunction newseqo allows Stored XSS.This issue affects newseqo: from n/a through 2.1.1. | |||||
| CVE-2025-30786 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oooorgle Quotes llama allows DOM-Based XSS. This issue affects Quotes llama: from n/a through 3.1.0. | |||||
| CVE-2025-28858 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arrow Plugins Arrow Maps allows Reflected XSS. This issue affects Arrow Maps: from n/a through 1.0.9. | |||||
| CVE-2025-30768 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mlaza jAlbum Bridge allows Stored XSS. This issue affects jAlbum Bridge: from n/a through 2.0.18. | |||||
| CVE-2025-23459 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound NS Simple Intro Loader allows Reflected XSS. This issue affects NS Simple Intro Loader: from n/a through 2.2.3. | |||||
| CVE-2025-26579 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in videowhisper MicroPayments allows Reflected XSS. This issue affects MicroPayments: from n/a through 3.1.6. | |||||
| CVE-2025-28865 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lionelroux WP Colorful Tag Cloud allows Reflected XSS. This issue affects WP Colorful Tag Cloud: from n/a through 2.0.1. | |||||
| CVE-2025-23728 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound AuMenu allows Reflected XSS. This issue affects AuMenu: from n/a through 1.1.5. | |||||
| CVE-2025-26584 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound TBTestimonials allows Reflected XSS. This issue affects TBTestimonials: from n/a through 1.7.3. | |||||
| CVE-2025-26747 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 99colorthemes RainbowNews allows Stored XSS.This issue affects RainbowNews: from n/a through 1.0.7. | |||||
| CVE-2025-28890 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Lightview Plus allows Reflected XSS. This issue affects Lightview Plus: from n/a through 3.1.3. | |||||
| CVE-2025-23612 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pixobe Cartography allows Reflected XSS. This issue affects Pixobe Cartography: from n/a through 1.0.1. | |||||
| CVE-2025-27014 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designingmedia Hostiko allows Reflected XSS.This issue affects Hostiko: from n/a before 30.1. | |||||
| CVE-2025-2685 | 2025-03-27 | N/A | 6.4 MEDIUM | ||
| The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘table-name’ parameter in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2025-30770 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Charitable allows DOM-Based XSS. This issue affects Charitable: from n/a through 1.8.4.7. | |||||
| CVE-2025-30779 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Doneren met Mollie allows Stored XSS. This issue affects Doneren met Mollie: from n/a through 2.10.7. | |||||