• Home
  • Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 421 - 440 of 261,994 in total
WordPress Plugin: ultimate-blocks: CVE-2025-48234: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: May 19, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: skt-blocks: CVE-2025-48270: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: May 19, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: import-facebook-events: CVE-2025-48256: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: May 19, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: ymm-search: CVE-2025-48265: Cross-Site Request Forgery (CSRF)
Published: May 19, 2025 | Severity: 5
vulnerability
Explore
WordPress Plugin: bot-for-telegram-on-woocommerce: CVE-2025-48268: Missing Authorization
Published: May 19, 2025 | Severity: 4
vulnerability
Explore
WordPress Plugin: cost-of-goods-for-woocommerce: CVE-2025-48240: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: May 19, 2025 | Severity: 7
vulnerability
Explore
Oracle Linux: CVE-2025-23166: ELSA-2025-8467: nodejs:22 security update (IMPORTANT) (Multiple Advisories)
Published: May 19, 2025 | Severity: 8
vulnerability
Explore
WordPress Plugin: exclusive-addons-for-elementor: CVE-2025-48244: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: May 19, 2025 | Severity: 6
vulnerability
Explore
WordPress Plugin: xpro-addons-beaver-builder-elementor: CVE-2025-48232: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: May 19, 2025 | Severity: 7
vulnerability
Explore
Alma Linux: CVE-2025-23166: Important: nodejs:22 security update (Multiple Advisories)
Published: May 19, 2025 | Severity: 8
vulnerability
Explore
Debian: CVE-2025-23166: nodejs -- security update
Published: May 19, 2025 | Severity: 8
vulnerability
Explore
WordPress Plugin: wp-mapa-politico-spain: CVE-2025-48259: Cross-Site Request Forgery (CSRF)
Published: May 19, 2025 | Severity: 5
vulnerability
Explore
Debian: CVE-2025-23165: nodejs -- security update
Published: May 19, 2025 | Severity: 8
vulnerability
Explore
WordPress Plugin: wpadverts: CVE-2025-48269: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: May 19, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: dc-woocommerce-multi-vendor: CVE-2025-48263: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: May 19, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: awcode-toolkit: CVE-2025-48238: Cross-Site Request Forgery (CSRF)
Published: May 19, 2025 | Severity: 7
vulnerability
Explore
Debian: CVE-2025-46801: pgpool2 -- security update
Published: May 19, 2025 | Severity: 10
vulnerability
Explore
WordPress Plugin: elementinvader-addons-for-elementor: CVE-2025-48288: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: May 19, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: wp-job-portal: CVE-2025-48272: Authorization Bypass Through User-Controlled Key
Published: May 19, 2025 | Severity: 5
vulnerability
Explore
WordPress Plugin: the-events-calendar: CVE-2025-48246: Missing Authorization
Published: May 19, 2025 | Severity: 5
vulnerability
Explore