Total
43061 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-26994 | 1 Softdiscover | 1 Zigaform | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in softdiscover Zigaform – Price Calculator & Cost Estimation Form Builder Lite zigaform-calculator-cost-estimation-form-builder-lite allows Stored XSS.This issue affects Zigaform – Price Calculator & Cost Estimation Form Builder Lite: from n/a through <= 7.4.2. | ||||
| CVE-2025-26993 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Reflected XSS.This issue affects Atarim: from n/a through <= 4.1.0. | ||||
| CVE-2025-26992 | 2 Fatcatapps, Wordpress | 2 Landing Page Cat, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fatcatapps Landing Page Cat landing-page-cat allows Reflected XSS.This issue affects Landing Page Cat: from n/a through <= 1.7.8. | ||||
| CVE-2025-26991 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ollybach WPPizza wppizza allows Reflected XSS.This issue affects WPPizza: from n/a through <= 3.19.4. | ||||
| CVE-2025-26989 | 1 Softdiscover | 1 Zigaform | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in softdiscover Zigaform zigaform-form-builder-lite allows Stored XSS.This issue affects Zigaform: from n/a through <= 7.4.2. | ||||
| CVE-2025-26987 | 1 Dynamiapps | 1 Frontend Admin | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps acf-frontend-form-element allows Reflected XSS.This issue affects Frontend Admin by DynamiApps: from n/a through <= 3.25.17. | ||||
| CVE-2025-26984 | 1 Cozyvision | 1 Sms Alert Order Notifications | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Reflected XSS.This issue affects SMS Alert Order Notifications: from n/a through <= 3.7.8. | ||||
| CVE-2025-26982 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric-Oliver Mächler DSGVO Youtube dsgvo-youtube allows DOM-Based XSS.This issue affects DSGVO Youtube: from n/a through <= 1.5.1. | ||||
| CVE-2025-26981 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Reflected XSS.This issue affects Web Accessibility By accessiBe: from n/a through <= 2.5. | ||||
| CVE-2025-26980 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wired Impact Wired Impact Volunteer Management wired-impact-volunteer-management allows Stored XSS.This issue affects Wired Impact Volunteer Management: from n/a through <= 2.5. | ||||
| CVE-2025-26973 | 1 Warfareplugins | 1 Social Warfare | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WarfarePlugins Social Warfare social-warfare allows DOM-Based XSS.This issue affects Social Warfare: from n/a through <= 4.5.5. | ||||
| CVE-2025-26962 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Easy Contact Form Lite contact-form-lite allows Stored XSS.This issue affects Easy Contact Form Lite : from n/a through <= 1.1.25. | ||||
| CVE-2025-26954 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 1pluginjquery ZooEffect 1-jquery-photo-gallery-slideshow-flash allows Reflected XSS.This issue affects ZooEffect: from n/a through <= 1.11. | ||||
| CVE-2025-26952 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Business Card Block business-card-block allows Stored XSS.This issue affects Business Card Block: from n/a through <= 1.0.5. | ||||
| CVE-2025-26951 | 2 Covertnine, Wordpress | 2 C9 Blocks, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in covertnine C9 Blocks c9-blocks allows DOM-Based XSS.This issue affects C9 Blocks: from n/a through <= 1.7.7. | ||||
| CVE-2025-26950 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AddonsPress Nepali Date Converter nepali-date-converter allows Stored XSS.This issue affects Nepali Date Converter: from n/a through <= 2.0.8. | ||||
| CVE-2025-26949 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Team Section Block team-section allows Stored XSS.This issue affects Team Section Block: from n/a through <= 1.0.9. | ||||
| CVE-2025-26947 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Services Section block services-section allows Stored XSS.This issue affects Services Section block: from n/a through <= 1.3.4. | ||||
| CVE-2025-26945 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Info Cards info-cards allows Stored XSS.This issue affects Info Cards: from n/a through <= 1.0.5. | ||||
| CVE-2025-26939 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Counters Block counters-block allows Stored XSS.This issue affects Counters Block: from n/a through <= 1.1.2. | ||||