Export limit exceeded: 346611 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346611 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346611 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-24367 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through < 3.2.8. | ||||
| CVE-2026-24366 | 2 Wordpress, Yithemes | 2 Wordpress, Yith Woocommerce Request A Quote | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in YITHEMES YITH WooCommerce Request A Quote yith-woocommerce-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Request A Quote: from n/a through <= 2.46.0. | ||||
| CVE-2026-24365 | 2 Storeapps, Wordpress | 2 Stock Manager For Woocommerce, Wordpress | 2026-04-23 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in storeapps Stock Manager for WooCommerce woocommerce-stock-manager allows Cross Site Request Forgery.This issue affects Stock Manager for WooCommerce: from n/a through < 3.6.0. | ||||
| CVE-2026-24360 | 2 Craig Hewitt, Wordpress | 2 Seriously Simple Podcasting, Wordpress | 2026-04-23 | 4.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Server Side Request Forgery.This issue affects Seriously Simple Podcasting: from n/a through <= 3.14.1. | ||||
| CVE-2026-24358 | 2 Expresstech, Wordpress | 2 Quiz And Survey Master, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.3. | ||||
| CVE-2026-24357 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Recipe Maker: from n/a through <= 10.2.4. | ||||
| CVE-2026-24356 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.9 Medium |
| Missing Authorization vulnerability in Roxnor GetGenie getgenie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetGenie: from n/a through <= 4.3.0. | ||||
| CVE-2026-24355 | 2 Favethemes, Wordpress | 2 Houzez, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality allows Stored XSS.This issue affects Houzez Theme - Functionality: from n/a through <= 4.2.6. | ||||
| CVE-2026-23550 | 2 Modular, Wordpress | 2 Modular, Wordpress | 2026-04-23 | 10 Critical |
| Incorrect Privilege Assignment vulnerability in Modular DS Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from n/a through <= 2.5.1. | ||||
| CVE-2026-23548 | 2 Designinvento, Wordpress | 2 Directorypress, Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through <= 3.6.25. | ||||
| CVE-2026-23543 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Essential Addons For Elementor | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through <= 6.5.5. | ||||
| CVE-2026-23541 | 2 Getwpfunnels, Wordpress | 2 Mail Mint, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mail Mint: from n/a through <= 1.19.4. | ||||
| CVE-2026-22522 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in Munir Kamal Block Slider block-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Block Slider: from n/a through <= 2.2.3. | ||||
| CVE-2026-22521 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in G5Theme Handmade Framework handmade-framework allows PHP Local File Inclusion.This issue affects Handmade Framework: from n/a through <= 3.9. | ||||
| CVE-2026-22519 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BuddyDev MediaPress mediapress allows Stored XSS.This issue affects MediaPress: from n/a through <= 1.6.2. | ||||
| CVE-2026-22518 | 2 Pencilwp, Wordpress | 2 X Addons For Elementor, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pencilwp X Addons for Elementor x-addons-elementor allows DOM-Based XSS.This issue affects X Addons for Elementor: from n/a through <= 1.0.23. | ||||
| CVE-2026-22517 | 2 Passionate Brains, Wordpress | 2 Ga4wp, Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from n/a through <= 2.10.0. | ||||
| CVE-2026-22492 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Nawawi Jamili Docket Cache docket-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Docket Cache: from n/a through <= 24.07.04. | ||||
| CVE-2026-22490 | 2 Niklaslindemann, Wordpress | 2 Bulk Landing Page Creator For Wordpress Lpagery, Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in niklaslindemann Bulk Landing Page Creator for WordPress LPagery lpagery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Landing Page Creator for WordPress LPagery: from n/a through <= 2.4.9. | ||||
| CVE-2026-22489 | 2 Wordpress, Wptexture | 2 Wordpress, Image Slider Slideshow | 2026-04-23 | 4.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Wptexture Image Slider Slideshow image-slider-slideshow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider Slideshow: from n/a through <= 1.8. | ||||