Total
43123 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-49243 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sevenspark ShiftNav – Responsive Mobile Menu shiftnav-responsive-mobile-menu allows Stored XSS.This issue affects ShiftNav – Responsive Mobile Menu: from n/a through <= 1.8. | |||||
| CVE-2025-49242 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sevenspark Bellows Accordion Menu bellows-accordion-menu allows Stored XSS.This issue affects Bellows Accordion Menu: from n/a through <= 1.4.3. | |||||
| CVE-2025-49235 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rometheme RTMKit rometheme-for-elementor allows Stored XSS.This issue affects RTMKit: from n/a through <= 1.6.0. | |||||
| CVE-2025-49076 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through <= 6.2.7. | |||||
| CVE-2025-49075 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist wishlist allows Stored XSS.This issue affects Wishlist: from n/a through <= 1.0.43. | |||||
| CVE-2025-49074 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Abu Huraira Bin Aman WidgetKit widgetkit-for-elementor allows Stored XSS.This issue affects WidgetKit: from n/a through <= 2.5.4. | |||||
| CVE-2025-49068 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oceanwp Ocean Extra ocean-extra allows Stored XSS.This issue affects Ocean Extra: from n/a through <= 2.4.8. | |||||
| CVE-2025-49067 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NasaTheme Nasa Core nasa-core allows Stored XSS.This issue affects Nasa Core: from n/a through < 6.4.1. | |||||
| CVE-2025-49065 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BestiaDurmiente Visit Counter visit-counter allows Stored XSS.This issue affects Visit Counter: from n/a through <= 1.0. | |||||
| CVE-2025-49064 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop User Language Switch user-language-switch allows Reflected XSS.This issue affects User Language Switch: from n/a through <= 1.6.10. | |||||
| CVE-2025-49063 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in i3geek BaiduXZH Submit(百度熊掌号) i3geek-baiduxzh allows Reflected XSS.This issue affects BaiduXZH Submit(百度熊掌号): from n/a through <= 1.4.6. | |||||
| CVE-2025-49062 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cornfeed WP-jScrollPane wp-jscrollpane allows Reflected XSS.This issue affects WP-jScrollPane: from n/a through <= 2.0.3. | |||||
| CVE-2025-49061 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perteus Porn Videos Embed porn-videos-embed allows Stored XSS.This issue affects Porn Videos Embed: from n/a through <= 0.9.1. | |||||
| CVE-2025-49058 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sound Strategies SoundSt SEO Search soundst-seo-search allows Reflected XSS.This issue affects SoundSt SEO Search: from n/a through <= 1.2.3. | |||||
| CVE-2025-49057 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ko Min WP Voting wp-voting allows Reflected XSS.This issue affects WP Voting: from n/a through <= 1.8. | |||||
| CVE-2025-49056 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shen2 多说社会化评论框 duoshuo allows Reflected XSS.This issue affects 多说社会化评论框: from n/a through <= 1.2. | |||||
| CVE-2025-49054 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mrdenny Time Sheets time-sheets allows Reflected XSS.This issue affects Time Sheets: from n/a through <= 2.1.3. | |||||
| CVE-2025-49053 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kadesthemes WP Airdrop Manager airdrop allows Stored XSS.This issue affects WP Airdrop Manager: from n/a through <= 1.0.5. | |||||
| CVE-2025-49051 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in biscia7 Hide Text Shortcode hide-text-shortcode allows Stored XSS.This issue affects Hide Text Shortcode: from n/a through <= 1.1. | |||||
| CVE-2025-49048 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in inspectlet Inspectlet – User Session Recording and Heatmaps inspectlet-heatmaps-and-user-session-recording allows Stored XSS.This issue affects Inspectlet – User Session Recording and Heatmaps: from n/a through <= 2.0. | |||||