Export limit exceeded: 347030 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347030 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-34025 | 1 Lws | 1 Lws Hide Login | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Hide Login plugin <= 2.1.6 versions. | ||||
| CVE-2023-34024 | 1 Guillemantdavid | 1 Full Auto Tags Manager | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Guillemant David WP Full Auto Tags Manager plugin <= 2.2 versions. | ||||
| CVE-2023-34020 | 1 Uncannyowl | 1 Uncanny Toolkit For Learndash | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3. | ||||
| CVE-2023-34018 | 1 Soundcloud | 1 Soundcloud Shortcode | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoundCloud Inc. SoundCloud Shortcode allows Stored XSS.This issue affects SoundCloud Shortcode: from n/a through 3.1.0. | ||||
| CVE-2023-34014 | 2 G5theme, Wordpress | 2 Grid-plus, Wordpress | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in G5Theme Grid Plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grid Plus: from n/a through 1.3.2. | ||||
| CVE-2023-34009 | 2026-04-28 | 4.3 Medium | ||
| Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Media & Share Icons: from n/a through 2.8.1. | ||||
| CVE-2023-34007 | 1 Wpchill | 1 Download Monitor | 2026-04-28 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.3. | ||||
| CVE-2023-34013 | 1 Ays-pro | 1 Poll Maker | 2026-04-28 | 4.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2. | ||||
| CVE-2023-34002 | 1 Wpinventory | 1 Wp Inventory Manager | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Inventory Manager plugin <= 2.1.0.13 versions. | ||||
| CVE-2023-33998 | 2 Cybernetikz, Wordpress | 2 Easy Social Icons, Wordpress | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in cybernetikz Easy Social Icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Icons: from n/a through 3.2.5. | ||||
| CVE-2023-33923 | 2026-04-28 | 4.3 Medium | ||
| Missing Authorization vulnerability in HashThemes Viral News, HashThemes Viral, HashThemes HashOne.This issue affects Viral News: from n/a through 1.4.5; Viral: from n/a through 1.8.0; HashOne: from n/a through 1.3.0. | ||||
| CVE-2023-33996 | 2026-04-28 | 8.8 High | ||
| Missing Authorization vulnerability in СleanTalk - Anti-Spam Protection Spam protection, AntiSpam, FireWall by CleanTalk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spam protection, AntiSpam, FireWall by CleanTalk: from n/a through 6.10. | ||||
| CVE-2023-33924 | 1 Felixwelberg | 1 Sis Handball | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Felix Welberg SIS Handball allows SQL Injection.This issue affects SIS Handball: from n/a through 1.0.45. | ||||
| CVE-2023-33927 | 1 Themeisle | 1 Multiple Page Generator | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Multiple Page Generator Plugin – MPG multiple-pages-generator-by-porthas allows SQL Injection.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.3.19. | ||||
| CVE-2023-33995 | 1 10web | 1 Photo Gallery | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Gallery by 10Web: from n/a through 1.8.15. | ||||
| CVE-2023-33928 | 2026-04-28 | 4.3 Medium | ||
| Missing Authorization vulnerability in WebToffee WordPress Backup & Migration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Backup & Migration: from n/a through 1.4.0. | ||||
| CVE-2023-33330 | 1 Woocommerce | 1 Automatewoo | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50. | ||||
| CVE-2023-33331 | 1 Woo | 1 Product Vendors | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.76. | ||||
| CVE-2023-33333 | 1 Really-simple-plugins | 1 Complianz | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Scripting (XSS).This issue affects Complianz: from n/a through 6.4.4; Complianz Premium: from n/a through 6.4.6.1. | ||||
| CVE-2023-33324 | 2026-04-28 | 6.5 Medium | ||
| Missing Authorization vulnerability in wppal Easy Captcha allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Captcha: from n/a through 1.0. | ||||