Export limit exceeded: 347030 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347030 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347030 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-46633 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2. | ||||
| CVE-2023-46632 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Missing Authorization vulnerability in David Cramer My Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Shortcodes: from n/a through 2.3. | ||||
| CVE-2023-46627 | 1 Freelancer-coder | 1 Wordpress Simple Html Sitemap | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ashish Ajani WordPress Simple HTML Sitemap plugin <= 2.1 versions. | ||||
| CVE-2023-46624 | 1 Parcelpro | 1 Parcel Pro | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Parcel Pro.This issue affects Parcel Pro: from n/a through 1.6.11. | ||||
| CVE-2023-46628 | 1 Redlettuce | 1 Wp Word Count | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in RedLettuce Plugins WP Word Count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Word Count: from n/a through 3.2.4. | ||||
| CVE-2023-46623 | 1 Wpvnteam | 1 Wp Extra | 2026-04-28 | 9.9 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in TienCOP WP EXtra.This issue affects WP EXtra: from n/a through 6.2. | ||||
| CVE-2023-46621 | 1 Enejbajgoric\/gagansandhu\/ctltdev | 1 User Avatar | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Enej Bajgoric / Gagan Sandhu / CTLT DEV User Avatar plugin <= 1.4.11 versions. | ||||
| CVE-2023-46617 | 1 Wpfoxly | 1 Adfoxly | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt.This issue affects AdFoxly – Ad Manager, AdSense Ads & Ads.Txt: from n/a through 1.8.5. | ||||
| CVE-2023-46607 | 2026-04-28 | 5.4 Medium | ||
| Missing Authorization vulnerability in WP iCal Availability WP iCal Availability allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP iCal Availability: from n/a through 1.0.3. | ||||
| CVE-2023-46613 | 1 Add-to-calendar-button | 1 Add To Calendar Button | 2026-04-28 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jens Kuerschner Add to Calendar Button plugin <= 1.5.1 versions. | ||||
| CVE-2023-46614 | 1 Matbao | 1 Wp Helper Premium | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Mat Bao Corp WP Helper Premium plugin <= 4.5.1 versions. | ||||
| CVE-2023-46611 | 2 Wordpress, Yourownprogrammer | 2 Wordpress, Yop Poll | 2026-04-28 | 5.3 Medium |
| Authentication Bypass by Primary Weakness vulnerability in yourownprogrammer YOP Poll allows Authentication Bypass.This issue affects YOP Poll: from n/a through 6.5.28. | ||||
| CVE-2023-46615 | 1 Kallidan | 1 Kd Coming Soon | 2026-04-28 | 5.4 Medium |
| Deserialization of Untrusted Data vulnerability in Kalli Dan. KD Coming Soon.This issue affects KD Coming Soon: from n/a through 1.7. | ||||
| CVE-2023-46311 | 1 Gvectors | 1 Wpdiscuz | 2026-04-28 | 2.7 Low |
| Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3. | ||||
| CVE-2023-46605 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.3 Medium |
| Missing Authorization vulnerability in Ruslan Suhar Convertful – Your Ultimate On-Site Conversion Tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Convertful – Your Ultimate On-Site Conversion Tool: from n/a through 2.5. | ||||
| CVE-2023-46207 | 1 Stylemixthemes | 1 Motors - Car Dealer\, Classifieds \& Listing | 2026-04-28 | 4.1 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing.This issue affects Motors – Car Dealer, Classifieds & Listing: from n/a through 1.4.6. | ||||
| CVE-2023-46197 | 2026-04-28 | 5.3 Medium | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10.19. | ||||
| CVE-2023-46201 | 1 Auto Login New User After Registration Project | 1 Auto Login New User After Registration | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration allows Stored XSS.This issue affects Auto Login New User After Registration: from n/a through 1.9.6. | ||||
| CVE-2023-46212 | 1 Wpvnteam | 1 Wp Extra | 2026-04-28 | 6.3 Medium |
| Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery.This issue affects WP EXtra: from n/a through 6.2. | ||||
| CVE-2023-46203 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in JustCoded / Alex Prokopenko Just Custom Fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Just Custom Fields: from n/a through 3.3.2. | ||||