Search
59,162 CVEs
CVEs (59,162, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 76–100 of 59,162 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2025-31052 | NONE | — | 2025-06-09 | Deserialization of Untrusted Data vulnerability in themeton The Fashion - Model Agency One Page Beauty Theme nrgfashion allows Object Injection.This issue affects The Fashi… | |
| CVE-2025-31057 | NONE | — | 2025-06-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player elementor_widget_universal_video_p… | |
| CVE-2025-31058 | NONE | — | 2025-06-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Revolution Video Player revolution_video_player allows Re… | |
| CVE-2025-31059 | NONE | — | 2025-06-09 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in woobewoo WBW Product Table PRO woo-producttables-pro allows SQL Inject… | |
| CVE-2025-31061 | NONE | — | 2025-06-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in redqteam Wishlist wishlist allows Reflected XSS.This issue affects Wis… | |
| CVE-2025-31396 | CRITICAL | 9.8 | 2025-06-09 | Deserialization of Untrusted Data vulnerability in themeton FLAP - Business WordPress Theme allows Object Injection. This issue affects FLAP - Business WordPress Theme: fro… | |
| CVE-2025-31398 | CRITICAL | 9.8 | 2025-06-09 | Deserialization of Untrusted Data vulnerability in themeton PIMP - Creative MultiPurpose allows Object Injection. This issue affects PIMP - Creative MultiPurpose: from n/a … | |
| CVE-2025-31424 | NONE | — | 2025-06-09 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav WP Lead Capturing Pages leadcapture allows Blind SQL Inje… | |
| CVE-2025-31426 | NONE | — | 2025-06-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcast_sticky all… | |
| CVE-2025-31429 | CRITICAL | 9.8 | 2025-06-09 | Deserialization of Untrusted Data vulnerability in themeton PressGrid - Frontend Publish Reaction & Multimedia Theme allows Object Injection. This issue affects PressGrid -… | |
| CVE-2025-31635 | HIGH | 7.5 | 2025-06-09 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in LambertGroup CLEVER lbg-audio11-html5-shoutcast_history allows Path Traversa… | |
| CVE-2025-31638 | HIGH | 7.1 | 2025-06-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themeton Spare allows Reflected XSS. This issue affects Spare: from n/… | |
| CVE-2025-31917 | NONE | — | 2025-06-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player universal_video_player allows Refl… | |
| CVE-2025-31920 | NONE | — | 2025-06-09 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AmentoTech WP Guppy wp-guppy allows SQL Injection.This issue affects W… | |
| CVE-2025-31925 | NONE | — | 2025-06-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup SHOUT lbg-audio8-html5-radio_ads allows Reflected XSS.Thi… | |
| CVE-2025-32291 | NONE | — | 2025-06-09 | Unrestricted Upload of File with Dangerous Type vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Using Malicious Files.This issue affects SUMO Affiliates P… | |
| CVE-2025-32305 | NONE | — | 2025-06-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sneeit WordPress FlatNews Theme flatnews allows Reflected XSS.This iss… | |
| CVE-2025-32308 | NONE | — | 2025-06-09 | Missing Authorization vulnerability in looks_awesome Team Builder a-team-showcase allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects… | |
| CVE-2025-32595 | NONE | — | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Krowd krowd allows PHP Local File Inclusion.… | |
| CVE-2025-39473 | NONE | — | 2025-06-09 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WebGeniusLab Seofy Core seofy-core allows PHP Local File Inclusion.This issu… | |
| CVE-2025-39475 | NONE | — | 2025-06-09 | Path Traversal: '.../...//' vulnerability in Frenify Arlo arlo allows PHP Local File Inclusion.This issue affects Arlo: from n/a through <= 6.0.3. | |
| CVE-2025-39476 | NONE | — | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech Revo revo allows PHP Local File Inclusion… | |
| CVE-2025-39539 | NONE | — | 2025-06-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brewlabs WP Email Delivery wp-email-delivery allows Reflected XSS.This… | |
| CVE-2025-45055 | MEDIUM | 5.4 | 2025-06-09 | Silverpeas 6.4.2 contains a stored cross-site scripting (XSS) vulnerability in the event management module. An authenticated user can upload a malicious SVG file as an even… | |
| CVE-2025-46178 | MEDIUM | 6.1 | 2025-06-09 | Cross-Site Scripting (XSS) vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary Ja… |