Export limit exceeded: 347094 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347094 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-39313 | 1 Theme-fusion | 1 Avada | 2026-04-28 | 7.7 High |
| Server-Side Request Forgery (SSRF) vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1. | ||||
| CVE-2023-39311 | 1 Avada | 1 Fusion Builder | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. | ||||
| CVE-2023-39166 | 1 Tagdiv | 1 Tagdiv Composer | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in tagDiv tagDiv Composer allows Cross-Site Scripting (XSS).This issue affects tagDiv Composer: from n/a before 4.4. | ||||
| CVE-2023-39306 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1. | ||||
| CVE-2023-39307 | 1 Theme-fusion | 1 Avada | 2026-04-28 | 8.5 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1. | ||||
| CVE-2023-39157 | 1 Crocoblock | 1 Jetelements | 2026-04-28 | 9 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.10. | ||||
| CVE-2023-38519 | 1 Mainwp | 1 Mainwp Dashboard | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance.This issue affects MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance: from n/a through 4.4.3.3. | ||||
| CVE-2023-38515 | 1 Church Admin Project | 1 Church Admin | 2026-04-28 | 5.5 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 3.7.56. | ||||
| CVE-2023-38513 | 1 Meowapps | 1 Photo Engine | 2026-04-28 | 5.4 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine (Media Organizer & Lightroom).This issue affects Photo Engine (Media Organizer & Lightroom): from n/a through 6.2.5. | ||||
| CVE-2023-38481 | 1 Crmperks | 1 Integration For Woocommerce And Zoho Crm\, Books\, Invoice\, Inventory\, Bigin | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin.This issue affects Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin: from n/a before 1.3.7. | ||||
| CVE-2023-38478 | 1 Crmperks | 1 Integration For Woocommerce And Quickbooks | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and QuickBooks.This issue affects Integration for WooCommerce and QuickBooks: from n/a through 1.2.3. | ||||
| CVE-2023-38474 | 1 Campaignmonitor | 1 Campaign Monitor | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Campaign Monitor Campaign Monitor for WordPress allows Reflected XSS.This issue affects Campaign Monitor for WordPress: from n/a through 2.8.12. | ||||
| CVE-2023-38400 | 1 Kriesi | 1 Enfold | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4. | ||||
| CVE-2023-38382 | 1 Subscribe To Category Project | 1 Subscribe To Category | 2026-04-28 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows SQL Injection.This issue affects Subscribe to Category: from n/a through 2.7.4. | ||||
| CVE-2023-38388 | 1 Artbees | 1 Jupiter X Core | 2026-04-28 | 9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from n/a through 3.3.5. | ||||
| CVE-2023-38391 | 1 Themesgrove | 1 Onepage Builder | 2026-04-28 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themesgrove Onepage Builder allows SQL Injection.This issue affects Onepage Builder: from n/a through 2.4.1. | ||||
| CVE-2023-37998 | 1 Saas | 1 Disabler | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler allows Cross Site Request Forgery.This issue affects Disabler: from n/a through 3.0.3. | ||||
| CVE-2023-37982 | 1 Crmperks | 1 Integration For Salesforce And Contact Form 7\, Wpforms\, Elementor\, Ninja Forms | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.3.3. | ||||
| CVE-2023-37978 | 1 Riverside | 1 Http Headers | 2026-04-28 | 4.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue affects HTTP Headers: from n/a through 1.18.11. | ||||
| CVE-2023-37966 | 1 Solwininfotech | 1 User Activity Log | 2026-04-28 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin Infotech User Activity Log user-activity-log allows SQL Injection.This issue affects User Activity Log: from n/a through 1.6.2. | ||||