Export limit exceeded: 46718 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (46718 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-12425 2026-06-16 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting (XSS). This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after the login URL and have it be eval()'d in the page and execute in the context of the user.
CVE-2024-30476 1 Dell 1 Powerstore 2026-06-16 5.4 Medium
PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could lead to script execution in the client browser.
CVE-2026-39449 2 Itpathsolutions, Wordpress 2 Contact Form To Any Api, Wordpress 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Contact Form to Any API <= 3.0.3 versions.
CVE-2025-68872 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Eli&#039;s WordCents adSense Widget with Analytics <= 1.3.03.27 versions.
CVE-2026-39435 2 Bgermann, Wordpress 2 Cformsii, Wordpress 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in CformsII <= 15.1.3 versions.
CVE-2026-39463 2 Managewp, Wordpress 2 Managewp Worker, Wordpress 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in ManageWP Worker <= 4.9.31 versions.
CVE-2026-39507 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Social Slider Feed <= 2.3.2 versions.
CVE-2026-40770 2 Relywp, Wordpress 2 Coupon Affiliates, Wordpress 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Coupon Affiliates <= 7.5.3 versions.
CVE-2026-42663 2 Wordpress, Wp.insider 2 Wordpress, Simple Membership 2026-06-16 6.5 Medium
Unauthenticated Cross Site Scripting (XSS) in Simple Membership <= 4.7.2 versions.
CVE-2026-48867 2 Expresstech, Wordpress 2 Quiz And Survey Master, Wordpress 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.1.2 versions.
CVE-2026-54198 2 Davidlingren, Wordpress 2 Media Library Assistant, Wordpress 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Media LIbrary Assistant <= 3.35 versions.
CVE-2026-54191 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Pods <= 3.3.8 versions.
CVE-2026-39437 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Min Max Step Quantity Limits Manager for WooCommerce <= 5.2.2 versions.
CVE-2026-39540 2026-06-16 6.5 Medium
Subscriber Cross Site Scripting (XSS) in Shipment Tracker for Woocommerce <= 1.5.3.2 versions.
CVE-2026-48880 2 Ahmad, Wordpress 2 Wp Job Portal, Wordpress 2026-06-16 6.5 Medium
Subscriber Cross Site Scripting (XSS) in WP Job Portal <= 2.5.2 versions.
CVE-2026-48871 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in MW WP Form <= 5.1.3 versions.
CVE-2025-68851 2026-06-16 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Okay Toolkit <= 2.3 versions.
CVE-2026-39451 2 Jgwhite33, Wordpress 2 Wp Google Review Slider, Wordpress 2026-06-16 6.3 Medium
Unauthenticated Cross Site Scripting (XSS) in WP Google Review Slider <= 18.0 versions.
CVE-2026-39491 2 Artbees, Wordpress 2 Jupiter X Core, Wordpress 2026-06-16 6.5 Medium
Subscriber Cross Site Scripting (XSS) in JupiterX Core <= 4.14.1 versions.
CVE-2026-48870 2 Kingaddons, Wordpress 2 King Addons For Elementor, Wordpress 2026-06-16 6.5 Medium
Subscriber Cross Site Scripting (XSS) in King Addons for Elementor <= 51.1.62 versions.