Search Results (85136 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-47876 1 Perfmatters 1 Perfmatters 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Perfmatters allows Reflected XSS.This issue affects Perfmatters: from n/a through 2.1.6.
CVE-2023-47868 1 Gvectors 1 Wpforo Forum 2026-04-28 7.3 High
Improper Privilege Management vulnerability in wpForo wpForo Forum allows Privilege Escalation.This issue affects wpForo Forum: from n/a through 2.2.3.
CVE-2023-47852 1 Linkwhisper 1 Link Whisper Free 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Link Whisper Link Whisper Free.This issue affects Link Whisper Free: from n/a through 0.6.5.
CVE-2023-47844 1 Neobie 1 Grab \& Save 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lim Kai Yang Grab & Save allows Reflected XSS.This issue affects Grab & Save: from n/a through 1.0.4.
CVE-2023-47870 1 Gvectors 1 Wpforo Forum 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6.
CVE-2023-47848 1 Tainacan 1 Tainacan 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tainacan.Org Tainacan allows Reflected XSS.This issue affects Tainacan: from n/a through 0.20.4.
CVE-2023-47843 1 Wordpress 1 Wordpress 2026-04-28 7.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0.
CVE-2023-47652 1 Flamescorpion 1 Auto Affiliate Links 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links allows Stored XSS.This issue affects Auto Affiliate Links: from n/a through 6.4.2.4.
CVE-2023-47550 1 Rednao 1 Donations Made Easy - Smart Donations 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in RedNao Donations Made Easy – Smart Donations allows Stored XSS.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12.
CVE-2023-47558 1 Lindeni 1 Who Hit The Page - Hit Counter 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mahlamusa Who Hit The Page – Hit Counter allows SQL Injection.This issue affects Who Hit The Page – Hit Counter: from n/a through 1.4.14.3.
CVE-2023-47530 1 Wpvibes 1 Redirect 404 Error Page To Homepage Or Custom Page With Logs 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPVibes Redirect 404 Error Page to Homepage or Custom Page with Logs allows SQL Injection.This issue affects Redirect 404 Error Page to Homepage or Custom Page with Logs: from n/a through 1.8.7.
CVE-2023-47521 1 Q2w3 1 Q2w3 Post Order 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond, AndreSC Q2W3 Post Order allows Reflected XSS.This issue affects Q2W3 Post Order: from n/a through 1.2.8.
CVE-2023-47506 1 Masterslider 1 Master Slider 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Master slider Master Slider Pro allows SQL Injection.This issue affects Master Slider Pro: from n/a through 3.6.5.
CVE-2023-47510 1 Wpsolutions-hq 1 Wpdbspringclean 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPSolutions-HQ WPDBSpringClean plugin <= 1.6 versions.
CVE-2023-47507 1 Averta 1 Master Slider Pro 2026-04-28 7.1 High
Deserialization of Untrusted Data vulnerability in Master Slider Master Slider Pro.This issue affects Master Slider Pro: from n/a through 3.6.5.
CVE-2023-47236 1 Ipages Flipbook Project 1 Ipages Flipbook 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum iPages Flipbook For WordPress.This issue affects iPages Flipbook For WordPress: from n/a through 1.4.8.
CVE-2023-47178 1 Posimyth 2 The Plus Addons For Elementor, The Plus Addons For Elementor Pro 2026-04-28 8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows PHP Local File Inclusion.This issue affects The Plus Addons for Elementor Pro: from n/a through 5.2.8.
CVE-2023-46784 2 Room 34 Creative Services, Wordpress 2 Ics Calendar, Wordpress 2026-04-28 8.2 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a through 10.12.0.3.
CVE-2023-46630 2026-04-28 7.5 High
Improper Authentication vulnerability in wpase Admin and Site Enhancements (ASE) allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Admin and Site Enhancements (ASE): from n/a through 5.7.1.
CVE-2023-46622 1 Wp-pizza 1 Wppizza 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin <= 3.18.2 versions.