ReportizFlow
Filtered by vendor
Subscriptions
Total
341804 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22524 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in formafzar فرم ساز فرم افزار formafzar allows Stored XSS.This issue affects فرم ساز فرم افزار: from n/a through <= 2.0. | ||||
| CVE-2025-22523 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in scheduler Schedule schedule allows Blind SQL Injection.This issue affects Schedule: from n/a through <= 1.0.0. | ||||
| CVE-2025-22522 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in roya khosravi SingSong singsong allows Stored XSS.This issue affects SingSong: from n/a through <= 1.2. | ||||
| CVE-2025-22521 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Farrell wp Hosting Performance Check wp-hosting-performance-check allows Reflected XSS.This issue affects wp Hosting Performance Check: from n/a through <= 2.18.8. | ||||
| CVE-2025-22520 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through <= 1.1. | ||||
| CVE-2025-22519 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jerodmoore eDoc Easy Tables edoc-easy-tables allows SQL Injection.This issue affects eDoc Easy Tables: from n/a through <= 1.29. | ||||
| CVE-2025-22518 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginsPoint Justified Image Gallery justified-image-gallery allows Stored XSS.This issue affects Justified Image Gallery: from n/a through <= 1.0. | ||||
| CVE-2025-22517 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ben Huson List Pages at Depth list-pages-at-depth allows Stored XSS.This issue affects List Pages at Depth: from n/a through <= 1.5. | ||||
| CVE-2025-22516 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hpinfosys Metadata SEO metadata-seo allows Stored XSS.This issue affects Metadata SEO: from n/a through <= 2.3. | ||||
| CVE-2025-22515 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simon Show Google Analytics widget show-google-analytics-widget allows Stored XSS.This issue affects Show Google Analytics widget: from n/a through <= 1.5.4. | ||||
| CVE-2025-22514 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yamna Khawaja KNR Author List Widget knr-author-list-widget allows Reflected XSS.This issue affects KNR Author List Widget: from n/a through <= 3.1.1. | ||||
| CVE-2025-22513 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Simple Locator simple-locator allows Reflected XSS.This issue affects Simple Locator: from n/a through <= 2.0.4. | ||||
| CVE-2025-22512 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in BoldGrid Help Scout help-scout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Help Scout: from n/a through <= 6.5.6. | ||||
| CVE-2025-22511 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ella Van Durpe Slides & Presentations slide allows Stored XSS.This issue affects Slides & Presentations: from n/a through <= 0.0.39. | ||||
| CVE-2025-22510 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in kkarpieszuk WC Price History for Omnibus wc-price-history allows Object Injection.This issue affects WC Price History for Omnibus: from n/a through <= 2.1.4. | ||||
| CVE-2025-22508 | 2026-04-01 | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Event Lite fat-event-lite allows PHP Local File Inclusion.This issue affects FAT Event Lite: from n/a through <= 1.1. | ||||
| CVE-2025-22507 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in iDo8p WPMU Prefill Post wpmu-prefill-post allows SQL Injection.This issue affects WPMU Prefill Post: from n/a through <= 1.02. | ||||
| CVE-2025-22506 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Smart Agenda Smart Agenda smart-agenda-prise-de-rendez-vous-en-ligne allows Stored XSS.This issue affects Smart Agenda: from n/a through <= 4.7. | ||||
| CVE-2026-23809 | 2 Arubanetworks, Hpe | 19 7010, 7030, 7205 and 16 more | 2026-04-01 | 5.4 Medium |
| A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation may enable an attacker to redirect and intercept the victim's network traffic, potentially resulting in eavesdropping, session hijacking, or denial of service. | ||||
| CVE-2025-22505 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crispweb NC Wishlist for Woocommerce nc-wishlist-for-woocommerce allows SQL Injection.This issue affects NC Wishlist for Woocommerce: from n/a through <= 1.0.1. | ||||