CVE Database

37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-23587
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashek Al Mahmud all-in-one-box-login all-in-one-login allows Reflected XSS.This issue affects all-in-one-box-login: from n/a …

Mar 3, 2025
CVE-2025-23586
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MAL73049 WP Post Category Notifications wp-post-category-notifications allows Reflected XSS.This issue affects WP Post …

Mar 3, 2025
CVE-2025-23585
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CantonBolo Goo.gl Url Shorter googl-url-shorter allows Reflected XSS.This issue affects Goo.gl Url Shorter: …

Mar 3, 2025
CVE-2025-23584
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arsh91 Pin Locations on Map pin-locations-on-map allows Reflected XSS.This issue affects Pin Locations …

Mar 3, 2025
CVE-2025-23576
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cfuze WP Intro.JS wp-intro-js-tours allows Reflected XSS.This issue affects WP Intro.JS: from n/a …

Mar 3, 2025
CVE-2025-23575
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: …

Mar 3, 2025
CVE-2025-23570
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mitchell Bundy WP Social Links wp-social-links allows Reflected XSS.This issue affects WP Social …

Mar 3, 2025
CVE-2025-23565
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Taylor Wibstats wibstats-statistics-for-wordpress-mu allows Reflected XSS.This issue affects Wibstats: from n/a through …

Mar 3, 2025
CVE-2025-23564
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mohsenshahbazi WP FixTag wp-fixtag allows Reflected XSS.This issue affects WP FixTag: from n/a …

Mar 3, 2025
CVE-2025-23563
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mbyte Explore pages explore-pages allows Reflected XSS.This issue affects Explore pages: from n/a …

Mar 3, 2025
CVE-2025-23556
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in netbitsolutions Push Envoy Notifications push-envoy allows Reflected XSS.This issue affects Push Envoy Notifications: …

Mar 3, 2025
CVE-2025-23555
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chenyenming Ui Slider Filter By Price ui-slider-filter-by-price allows Reflected XSS.This issue affects Ui …

Mar 3, 2025
CVE-2025-23553
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Cramer Userbase Access Control userbase-access-control allows Reflected XSS.This issue affects Userbase Access …

Mar 3, 2025
CVE-2025-23552
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yashar Texteller texteller allows Reflected XSS.This issue affects Texteller: from n/a through <= …

Mar 3, 2025
CVE-2025-23549
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in agora32 Maniac SEO maniac-seo allows Reflected XSS.This issue affects Maniac SEO: from n/a …

Mar 3, 2025
CVE-2025-23539
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in surror Awesome Hooks awesome-hooks allows Reflected XSS.This issue affects Awesome Hooks: from n/a …

Mar 3, 2025
CVE-2025-23538
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sophia M Williams WP Contest wp-contest allows Reflected XSS.This issue affects WP Contest: …

Mar 3, 2025
CVE-2025-23536
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mndpsingh287 Track Page Scroll track-page-scroll allows Reflected XSS.This issue affects Track Page Scroll: …

Mar 3, 2025
CVE-2025-23526
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SwiftCloud Swift Calendar Online Appointment Scheduling online-appointment-scheduling-software allows Reflected XSS.This issue affects Swift …

Mar 3, 2025
CVE-2025-23524
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dactum ClickBank Storefront mycbgenie-clickbank-storefront allows Reflected XSS.This issue affects ClickBank Storefront: from n/a …

Mar 3, 2025
CVE-2025-23521
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Goodlayers Blocks goodlayers-blocks allows Reflected XSS.This issue affects Goodlayers Blocks: from n/a …

Mar 3, 2025
CVE-2025-23520
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SecureSubmit Heartland Management Terminal allows Reflected XSS. This issue affects Heartland Management Terminal: …

Mar 3, 2025
CVE-2025-23519
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jas Saran G Web Pro Store Locator gwebpro-store-locator allows Reflected XSS.This issue affects …

Mar 3, 2025
CVE-2025-23518
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mrsaucier GoogleMapper googlemapper-2 allows Reflected XSS.This issue affects GoogleMapper: from n/a through <= …

Mar 3, 2025
CVE-2025-23517
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sunil chaulagain Google Map on Post/Page google-map-on-postpage allows Reflected XSS.This issue affects Google …

Mar 3, 2025
CVE-2025-23516
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brainvireinfo Sale with Razorpay sell-with-razorpay allows Reflected XSS.This issue affects Sale with Razorpay: …

Mar 3, 2025
CVE-2025-23505
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pantho Bihosh Pit Login Welcome pit-login-welcome allows Reflected XSS.This issue affects Pit Login …

Mar 3, 2025
CVE-2025-23502
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in Ned Curated Search curated-search allows Stored XSS.This issue affects Curated Search: from n/a through <= 1.2.

Mar 3, 2025
CVE-2025-23496
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in husani WP FPO wp-fpo allows Reflected XSS.This issue affects WP FPO: from n/a …

Mar 3, 2025
CVE-2025-23494
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in binnyva Quizzin quizzin allows Reflected XSS.This issue affects Quizzin: from n/a through <= …

Mar 3, 2025
CVE-2025-23493
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moallemi Google Transliteration google-transliteration allows Reflected XSS.This issue affects Google Transliteration: from n/a …

Mar 3, 2025
CVE-2025-23490
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Stursberg Browser-Update-Notify browser-update-notify allows Reflected XSS.This issue affects Browser-Update-Notify: from n/a through …

Mar 3, 2025
CVE-2025-23488
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Abolfazl Sabagh rng-refresh rng-refresh allows Reflected XSS.This issue affects rng-refresh: from n/a through …

Mar 3, 2025
CVE-2025-23487
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in odihost Easy Gallery simple-gallery-odihost allows Reflected XSS.This issue affects Easy Gallery: from n/a …

Mar 3, 2025
CVE-2025-23485
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in richestsoft RS Survey rs-survey allows Reflected XSS.This issue affects RS Survey: from n/a …

Mar 3, 2025
CVE-2025-23484
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cojecto Predict When predict-when allows Reflected XSS.This issue affects Predict When: from n/a …

Mar 3, 2025
CVE-2025-23482
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in azurecurve azurecurve Floating Featured Image azurecurve-floating-featured-image allows Reflected XSS.This issue affects azurecurve Floating …

Mar 3, 2025
CVE-2025-23481
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anzar Ahmed Ni WooCommerce Sales Report Email ni-woocommerce-sales-report-email allows Reflected XSS.This issue affects …

Mar 3, 2025
CVE-2025-23479
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in melascrivi melascrivi melascrivi allows Reflected XSS.This issue affects melascrivi: from n/a through <= …

Mar 3, 2025
CVE-2025-23478
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmsaccount Photo Video Store photo-video-store allows Reflected XSS.This issue affects Photo Video Store: …

Mar 3, 2025
CVE-2025-23473
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Punit Bhalodiya Killer Theme Options killer-theme-options allows Reflected XSS.This issue affects Killer Theme …

Mar 3, 2025
CVE-2025-23472
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flexostudio Flexo Slider flexo-slider allows Reflected XSS.This issue affects Flexo Slider: from n/a …

Mar 3, 2025
CVE-2025-23468
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wrenchpilot Essay Wizard (wpCRES) essay-wizard-wpcres allows Reflected XSS.This issue affects Essay Wizard (wpCRES): …

Mar 3, 2025
CVE-2025-23465
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magent Vampire Character Manager vampire-character allows Reflected XSS.This issue affects Vampire Character Manager: …

Mar 3, 2025
CVE-2025-23464
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Keir Whitaker Twitter News Feed twitter-news-feed allows Reflected XSS.This issue affects Twitter News …

Mar 3, 2025
CVE-2025-23451
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in titodevera Awesome Twitter Feeds awesome-twitter-feeds allows Reflected XSS.This issue affects Awesome Twitter Feeds: …

Mar 3, 2025
CVE-2025-23450
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in agenwebsite AW WooCommerce Kode Pembayaran aw-woocommerce-kode-pembayaran allows Reflected XSS.This issue affects AW WooCommerce …

Mar 3, 2025
CVE-2025-23447
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kundan Yevale Smooth Dynamic Slider smooth-dynamic-slider allows Reflected XSS.This issue affects Smooth Dynamic …

Mar 3, 2025
CVE-2025-23446
7.1 HIGH

Cross-Site Request Forgery (CSRF) vulnerability in KokoenDE WP SpaceContent wp-spacecontent allows Stored XSS.This issue affects WP SpaceContent: from n/a through <= 0.4.5.

Mar 3, 2025
CVE-2025-23441
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dkukral Attach Gallery Posts attach-gallery-posts allows Reflected XSS.This issue affects Attach Gallery Posts: …

Mar 3, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.