Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
2 HIGH18 MEDIUM
CVE-2026-25463
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate Wpresidence Core wpresidence-core allows Stored XSS.This issue affects Wpresidence Core:
NVD RRF 0.016
CVE-2025-63027
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webcreations907 WBC907 Core wbc907-core allows Stored XSS.This issue affects WBC907 Core: from n/a
NVD RRF 0.016
CVE-2025-53330
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals wprentals allows Stored XSS.This issue affects WP Rentals: from n/a through <=
NVD RRF 0.016
CVE-2025-22529
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wordpresteem WE Blocks we-blocks allows Stored XSS.This issue affects WE Blocks: from n/a through
NVD RRF 0.016
CVE-2025-32637
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ketanajani WP Donate wp-donate allows Stored XSS.This issue affects WP Donate: from n/a through <=
NVD RRF 0.015
CVE-2025-32193
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMinds Simple WP Events simple-wp-events allows Stored XSS.This issue affects Simple WP Events: f
NVD RRF 0.015
CVE-2025-32490
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebsiteDefender wp secure wp-secure-by-sitesecuritymonitorcom allows Stored XSS.This issue affects
NVD RRF 0.015
CVE-2025-49318
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPtouch WPtouch wptouch allows Stored XSS.This issue affects WPtouch: from n/a through <= 4.3.60.
NVD RRF 0.015
CVE-2025-57965
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP CodeUs WP Proposals allows Stored XSS. This issue affects WP Proposals: from n/a through 2.3.
NVD RRF 0.014
CVE-2025-31837
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus WP Proposals allows Stored XSS. This issue affects WP Proposals: from n/a through 2.3.
NVD RRF 0.014
CVE-2025-30937
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in stefanledin Responsify WP responsify-wp allows Stored XSS.This issue affects Responsify WP: from n
NVD RRF 0.014
CVE-2025-23965
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kopatheme Kopa Nictitate Toolkit kopa-nictitate-toolkit allows Stored XSS.This issue affects Kopa
NVD RRF 0.014
CVE-2025-24579
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Nested Pages wp-nested-pages allows Stored XSS.This issue affects Nested Pages: from
NVD RRF 0.014
CVE-2025-31750
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in doit Breaking News WP breaking-news-wp allows Stored XSS.This issue affects Breaking News WP: from
NVD RRF 0.014
CVE-2024-54286
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Smaily Smaily for WP smaily-for-wp allows Stored XSS.This issue affects Smaily for WP: from n/a th
NVD RRF 0.013
CVE-2025-60176
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tattersoftware WP Tesseract wp-tesseract allows Stored XSS.This issue affects WP Tesseract: from n
NVD RRF 0.013
CVE-2025-39575
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPSight WPCasa wpcasa allows Stored XSS.This issue affects WPCasa: from n/a through <= 1.3.2.
NVD RRF 0.013
CVE-2025-58826
MEDIUM CVSS 6.5
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric Mann WP Publication Archive wp-publication-archive allows Stored XSS.This issue affects WP P
NVD RRF 0.013
CVE-2023-27609
MEDIUM CVSS 4.8
Find Similar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NetTantra WP Roles at Registration allows Stored XSS.This issue affects WP Roles at Registr
hyscaler
NVD RRF 0.013
CVE-2025-46517
MEDIUM CVSS 5.9
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdiscover Blog Manager WP blog-manager-wp allows Stored XSS.This issue affects Blog Manager WP: f
NVD RRF 0.013
Page 1+ Next →