Export limit exceeded: 361549 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (84928 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-48758 | 2 Crocoblock, Wordpress | 2 Jetengine, Wordpress | 2026-04-29 | 7.1 High |
| Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through <= 3.2.4. | ||||
| CVE-2023-48286 | 2026-04-29 | 8.2 High | ||
| Missing Authorization vulnerability in mra13 Stripe Payments stripe-payments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stripe Payments: from n/a through <= 2.0.79. | ||||
| CVE-2023-47648 | 2 Spider-themes, Wordpress | 2 Eazydocs, Wordpress | 2026-04-29 | 7.5 High |
| Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through <= 2.3.5. | ||||
| CVE-2023-47224 | 2026-04-29 | 7.5 High | ||
| Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through <= 7.8.0. | ||||
| CVE-2023-47698 | 1 Artisanworkshop | 1 Japanized For Woocommerce | 2026-04-29 | 8.6 High |
| Missing Authorization vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Japanized For WooCommerce: from n/a through <= 2.6.4. | ||||
| CVE-2023-47185 | 1 Gvectors | 1 Wpdiscuz | 2026-04-29 | 7.1 High |
| Unauth. Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions. | ||||
| CVE-2023-47182 | 1 Nazmulhossainnihal | 1 Login Screen Manager | 2026-04-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions. | ||||
| CVE-2023-47693 | 2 Themefic, Wordpress | 2 Ultimate Addons For Contact Form 7, Wordpress | 2026-04-29 | 7.5 High |
| Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through <= 3.2.6. | ||||
| CVE-2023-46626 | 1 Flowfact | 1 Flowfact | 2026-04-29 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FLOWFACT WP Connector plugin <= 2.1.7 versions. | ||||
| CVE-2023-47179 | 2 Byconsole, Wordpress | 2 Wooodt Lite, Wordpress | 2026-04-29 | 8.8 High |
| Missing Authorization vulnerability in mdalabar WooODT Lite byconsole-woo-order-delivery-time allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooODT Lite: from n/a through <= 2.4.6. | ||||
| CVE-2023-41130 | 2026-04-29 | 8.1 High | ||
| Missing Authorization vulnerability in Premmerce Premmerce User Roles premmerce-user-roles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce User Roles: from n/a through <= 1.0.12. | ||||
| CVE-2023-25983 | 2 Kbsupport, Logon | 2 Kb Support, Kb Support | 2026-04-29 | 8.8 High |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a through 1.5.84. | ||||
| CVE-2023-32741 | 1 Itpathsolutions | 1 Contact Form To Any Api | 2026-04-29 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection.This issue affects Contact Form to Any API: from n/a through 1.1.2. | ||||
| CVE-2023-46084 | 1 Bplugins | 1 Icons Font Loader | 2026-04-29 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bPlugins LLC Icons Font Loader allows SQL Injection.This issue affects Icons Font Loader: from n/a through 1.1.2. | ||||
| CVE-2023-35911 | 1 Creative-solutions | 1 Contact Form Generator | 2026-04-29 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Creative Solutions Contact Form Generator : Creative form builder for WordPress allows SQL Injection.This issue affects Contact Form Generator : Creative form builder for WordPress: from n/a through 2.6.0. | ||||
| CVE-2023-35037 | 2026-04-29 | 7.6 High | ||
| Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through <= 1.3.2.357. | ||||
| CVE-2023-45074 | 1 Pagevisitcounter | 1 Advanced Page Visit Counter | 2026-04-29 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows SQL Injection.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 7.1.1. | ||||
| CVE-2023-45069 | 1 Total-soft | 1 Video Gallery | 2026-04-29 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Video Gallery by Total-Soft Video Gallery – Best WordPress YouTube Gallery Plugin allows SQL Injection.This issue affects Video Gallery – Best WordPress YouTube Gallery Plugin: from n/a through 2.1.3. | ||||
| CVE-2023-45104 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Betterlinks | 2026-04-29 | 7.3 High |
| Missing Authorization vulnerability in WPDeveloper BetterLinks betterlinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through <= 1.6.0. | ||||
| CVE-2023-45055 | 1 Inspireui | 1 Mstore Api | 2026-04-29 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InspireUI MStore API allows SQL Injection.This issue affects MStore API: from n/a through 4.0.6. | ||||