Search Results (14038 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-60220 1 Wordpress 1 Wordpress 2026-04-15 9.8 Critical
Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation.This issue affects CouponXxL: from n/a through <= 3.0.0.
CVE-2025-62039 2 Ays-pro, Wordpress 2 Ai Chatbot With Chatgpt, Wordpress 2026-04-15 7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Retrieve Embedded Sensitive Data.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through <= 2.6.6.
CVE-2025-62040 2 Wordpress, Yop-poll 3 Wordpress, Yop-poll, Yop Poll 2026-04-15 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through <= 6.5.37.
CVE-2025-62041 3 Codexthemes, Elementor, Wordpress 3 Thegem, Elementor, Wordpress 2026-04-15 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem (Elementor) thegem-elementor.This issue affects TheGem (Elementor): from n/a through <= 5.10.5.1.
CVE-2025-62042 1 Wordpress 1 Wordpress 2026-04-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post.This issue affects Event post: from n/a through <= 5.10.3.
CVE-2025-62044 2 Codexthemes, Wordpress 2 Thegem, Wordpress 2026-04-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem Theme Elements (for WPBakery) thegem-elements.This issue affects TheGem Theme Elements (for WPBakery): from n/a through <= 5.10.5.1.
CVE-2025-60214 1 Wordpress 1 Wordpress 2026-04-15 9.8 Critical
Deserialization of Untrusted Data vulnerability in BoldThemes Goldenblatt goldenblatt allows Object Injection.This issue affects Goldenblatt: from n/a through < 1.3.0.
CVE-2025-60213 1 Wordpress 1 Wordpress 2026-04-15 9.8 Critical
Deserialization of Untrusted Data vulnerability in Whitebox-Studio Scape scape allows Object Injection.This issue affects Scape: from n/a through <= 1.5.13.
CVE-2025-62047 1 Wordpress 1 Wordpress 2026-04-15 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Case-Themes Case Addons case-addons.This issue affects Case Addons: from n/a through < 1.3.0.
CVE-2025-60212 1 Wordpress 1 Wordpress 2026-04-15 8.8 High
Deserialization of Untrusted Data vulnerability in designthemes VEDA veda allows Object Injection.This issue affects VEDA: from n/a through <= 4.2.
CVE-2025-60211 3 Extendons, Woocommerce, Wordpress 3 Woocommerce Registration Fields Plugin, Woocommerce, Wordpress 2026-04-15 8.8 High
Incorrect Privilege Assignment vulnerability in extendons WooCommerce Registration Fields Plugin - Custom Signup Fields extendons-registration-fields allows Privilege Escalation.This issue affects WooCommerce Registration Fields Plugin - Custom Signup Fields: from n/a through <= 3.2.3.
CVE-2025-62050 1 Wordpress 1 Wordpress 2026-04-15 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic blogmatic.This issue affects Blogmatic: from n/a through <= 1.0.3.
CVE-2025-62051 1 Wordpress 1 Wordpress 2026-04-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign Core u-design-core.This issue affects UDesign Core: from n/a through <= 4.14.1.
CVE-2025-60215 1 Wordpress 1 Wordpress 2026-04-15 8.8 High
Deserialization of Untrusted Data vulnerability in designthemes Kriya kriya allows Object Injection.This issue affects Kriya: from n/a through <= 3.4.
CVE-2025-62054 2 Favethemes, Wordpress 2 Houzez, Wordpress 2026-04-15 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through <= 4.1.8.
CVE-2025-60209 1 Wordpress 1 Wordpress 2026-04-15 9.8 Critical
Deserialization of Untrusted Data vulnerability in CRM Perks Connector for Gravity Forms and Google Sheets wp-gravity-forms-spreadsheets allows Object Injection.This issue affects Connector for Gravity Forms and Google Sheets: from n/a through <= 1.2.6.
CVE-2025-62056 1 Wordpress 1 Wordpress 2026-04-15 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes News Event news-event.This issue affects News Event: from n/a through <= 1.0.1.
CVE-2025-62057 2 Favethemes, Wordpress 2 Houzez, Wordpress 2026-04-15 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through < 4.2.0.
CVE-2025-62058 2 Favethemes, Wordpress 2 Houzez, Wordpress 2026-04-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through < 4.2.0.
CVE-2025-62059 1 Wordpress 1 Wordpress 2026-04-15 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force SureRank surerank.This issue affects SureRank: from n/a through <= 1.3.2.