Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
14 HIGH6 MEDIUM
CVE-2025-64196
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Reflected XSS.This issue affects Boost
booster
NVD RRF 0.016
CVE-2025-64380
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster
booster
NVD RRF 0.016
CVE-2025-39446
MEDIUM CVSS 6.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl LLC Booster Plus for WooCommerce allows Reflected XSS.This issue affects Booster Plus for
booster
NVD RRF 0.016
CVE-2024-52469
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dhrubok Infotech Services Ltd. WooCommerce Price Alert price-alert-woocommerce allows Reflected XS
NVD RRF 0.016
CVE-2025-64379
MEDIUM CVSS 4.3
Find Similar
Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCo
booster
NVD RRF 0.015
CVE-2026-32586
MEDIUM CVSS 5.3
Find Similar
Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCo
NVD RRF 0.015
CVE-2024-47367
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons allows Reflected XSS.Th
NVD RRF 0.015
CVE-2025-30906
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lisandragetnet Plugin Oficial – Getnet para WooCommerce wc-checkout-getnet allows Reflected XSS.Th
NVD RRF 0.015
CVE-2025-22767
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Global Payments GlobalPayments WooCommerce global-payments-woocommerce allows Reflected XSS.This i
NVD RRF 0.014
CVE-2025-30917
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Wham SKU Generator for WooCommerce sku-for-woocommerce allows Reflected XSS.This issue affects
NVD RRF 0.014
CVE-2025-28999
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZoomIt WooCommerce Shop Page Builder allows Reflected XSS. This issue affects WooCommerce Shop Pag
NVD RRF 0.014
CVE-2025-53297
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team Woocommerce Envato Affiliates wooenvato allows Reflected XSS.This issue affects Woocommerc
NVD RRF 0.014
CVE-2025-23903
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woofx Local Shipping Labels for WooCommerce local-shipping-labels-for-woocommerce allows Reflected
NVD RRF 0.014
CVE-2024-43126
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sender Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce allows Refle
NVD RRF 0.014
CVE-2024-45459
MEDIUM CVSS 6.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Reflected XSS.This i
pickplugins
NVD RRF 0.013
CVE-2025-68011
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GLS GLS Shipping for WooCommerce gls-shipping-for-woocommerce allows Reflected XSS.This issue affe
NVD RRF 0.013
CVE-2025-23450
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in agenwebsite AW WooCommerce Kode Pembayaran aw-woocommerce-kode-pembayaran allows Reflected XSS.Thi
NVD RRF 0.013
CVE-2024-54240
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in blazeonline Blaze Online eParcel for WooCommerce blaze-online-eparcel-for-woocommerce allows Refle
NVD RRF 0.013
CVE-2024-39666
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 9.1.2.
NVD RRF 0.013
CVE-2025-23731
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in infosoftplugin Tax Report for WooCommerce tax-report-for-woocommerce allows Reflected XSS.This iss
NVD RRF 0.013
Page 1+ Next →