Export limit exceeded: 347030 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347030 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-46824 | 1 Omaksolutions | 1 Slick Popup | 2026-04-28 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin <= 1.7.14 versions. | ||||
| CVE-2023-46820 | 1 Iuliacazan | 1 Image Regenerate \& Select Crop | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Iulia Cazan Image Regenerate & Select Crop.This issue affects Image Regenerate & Select Crop: from n/a through 7.3.0. | ||||
| CVE-2023-46644 | 2026-04-28 | 6.5 Medium | ||
| Missing Authorization vulnerability in WP CTA PRO WordPress CTA allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress CTA: from n/a through 1.5.8. | ||||
| CVE-2023-46822 | 1 Visser | 1 Store Exporter For Woocommerce | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting') vulnerability in Visser Labs Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin <= 2.7.2 versions. | ||||
| CVE-2023-46821 | 1 Dev4press | 1 Gd Security Headers | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Milan Petrovic GD Security Headers allows auth. (admin+) SQL Injection.This issue affects GD Security Headers: from n/a through 1.7. | ||||
| CVE-2023-46642 | 1 Sahu | 1 Sahu Tiktok Pixel For E-commerce | 2026-04-28 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin <= 1.2.2 versions. | ||||
| CVE-2023-46776 | 1 Josie | 1 Auto Excerpt Everywhere | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Serena Villa Auto Excerpt everywhere plugin <= 1.5 versions. | ||||
| CVE-2023-46643 | 1 Cloudnet360 | 1 Cloudnet360 | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <= 3.2.0 versions. | ||||
| CVE-2023-46782 | 1 Chrisyee | 1 Momentopress For Momento360 | 2026-04-28 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Yee MomentoPress for Momento360 plugin <= 1.0.1 versions. | ||||
| CVE-2023-46777 | 1 Featherplugins | 1 Custom Login Page \| Temporary Users \| Rebrand Login \| Login Captcha | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin <= 1.1.3 versions. | ||||
| CVE-2023-46823 | 1 Avirtum | 1 Imagelinks | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4. | ||||
| CVE-2023-46775 | 1 Zixn | 1 Original Texts Yandex Webmaster | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Djo Original texts Yandex WebMaster plugin <= 1.18 versions. | ||||
| CVE-2023-46779 | 1 Easyrecipe Project | 1 Easyrecipe | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in EasyRecipe plugin <= 3.5.3251 versions. | ||||
| CVE-2023-46778 | 1 Thefreewindows | 1 Auto Limit Posts Reloaded | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in TheFreeWindows Auto Limit Posts Reloaded plugin <= 2.5 versions. | ||||
| CVE-2023-46780 | 1 Altersoftware | 1 Alter | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Alter plugin <= 1.0 versions. | ||||
| CVE-2023-46641 | 1 Code4recovery | 1 12 Step Meeting List | 2026-04-28 | 4.9 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.24. | ||||
| CVE-2023-46637 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.3 Medium |
| Missing Authorization vulnerability in Saurav Sharma Generate Dummy Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Generate Dummy Posts: from n/a through 1.0.0. | ||||
| CVE-2023-46639 | 2026-04-28 | 5.3 Medium | ||
| Missing Authorization vulnerability in FeedbackWP kk Star Ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through 5.4.5. | ||||
| CVE-2023-46616 | 2026-04-28 | 5.4 Medium | ||
| Missing Authorization vulnerability in NSquared Draw Attention allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Draw Attention: from n/a through 2.0.15. | ||||
| CVE-2023-46634 | 1 Phoeniixx | 1 Custom My Account For Woocommerce | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in phoeniixx Custom My Account for Woocommerce allows Cross-Site Scripting (XSS).This issue affects Custom My Account for Woocommerce: from n/a through 2.1. | ||||