Total
43489 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-58808 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Babar prettyPhoto prettyphoto allows Stored XSS.This issue affects prettyPhoto: from n/a through <= 1.2.5. | |||||
| CVE-2025-58805 | 2026-04-23 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Widgetize Pages Light widgetize-pages-light allows Stored XSS.This issue affects Widgetize Pages Light: from n/a through <= 3.0. | |||||
| CVE-2025-58796 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dudaster Elementor Element Condition ele-conditions allows Stored XSS.This issue affects Elementor Element Condition: from n/a through <= 1.0.5. | |||||
| CVE-2025-58793 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBean WPB Elementor Addons wpb-elementor-addons allows Stored XSS.This issue affects WPB Elementor Addons: from n/a through <= 1.7. | |||||
| CVE-2025-58791 | 2026-04-23 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arjan Olsder SEO Auto Linker wpa-seo-auto-linker allows Stored XSS.This issue affects SEO Auto Linker: from n/a through <= 1.5.3. | |||||
| CVE-2025-58790 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPKube Kiwi kiwi-social-share allows Stored XSS.This issue affects Kiwi: from n/a through <= 2.1.8. | |||||
| CVE-2025-58787 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Popup themify-popup allows Stored XSS.This issue affects Themify Popup: from n/a through <= 1.4.2. | |||||
| CVE-2025-58786 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VW THEMES Ibtana – Ecommerce Product Addons ibtana-ecommerce-product-addons allows DOM-Based XSS.This issue affects Ibtana – Ecommerce Product Addons: from n/a through <= 0.4.7.6. | |||||
| CVE-2025-58784 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through <= 1.4.0. | |||||
| CVE-2025-58704 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ren Ventura WP Delete User Accounts wp-delete-user-accounts allows Stored XSS.This issue affects WP Delete User Accounts: from n/a through <= 1.2.4. | |||||
| CVE-2025-58703 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skyword Skyword API Plugin skyword-plugin allows Stored XSS.This issue affects Skyword API Plugin: from n/a through <= 2.5.3. | |||||
| CVE-2025-58702 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebWizards MarketKing marketking-multivendor-marketplace-for-woocommerce allows Stored XSS.This issue affects MarketKing: from n/a through <= 2.0.92. | |||||
| CVE-2025-58691 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson Genesis Club Lite genesis-club-lite allows Stored XSS.This issue affects Genesis Club Lite: from n/a through <= 1.17. | |||||
| CVE-2025-58689 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tapfiliate Tapfiliate tapfiliate allows Stored XSS.This issue affects Tapfiliate: from n/a through <= 3.2.2. | |||||
| CVE-2025-58684 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Logo Showcase logo-showcase allows Stored XSS.This issue affects Logo Showcase: from n/a through <= 4.0.1. | |||||
| CVE-2025-58683 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Luke Mlsna Last Updated Shortcode last-updated-shortcode allows Stored XSS.This issue affects Last Updated Shortcode: from n/a through <= 1.0.1. | |||||
| CVE-2025-58682 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timur Kamaev Kama Click Counter kama-clic-counter allows Stored XSS.This issue affects Kama Click Counter: from n/a through <= 4.0.4. | |||||
| CVE-2025-58671 | 2026-04-23 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in morganrichards Auction Feed auction-feed allows Stored XSS.This issue affects Auction Feed: from n/a through <= 1.1.4. | |||||
| CVE-2025-58669 | 2026-04-23 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modern Minds Magento 2 WordPress Integration m2wp allows Stored XSS.This issue affects Magento 2 WordPress Integration: from n/a through <= 1.4.2.1. | |||||
| CVE-2025-58665 | 2026-04-23 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tmontg1 Form Generator for WordPress form-generator-powered-by-jotform allows Stored XSS.This issue affects Form Generator for WordPress: from n/a through <= 1.52. | |||||