Export limit exceeded: 347094 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347094 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-47185 | 1 Gvectors | 1 Wpdiscuz | 2026-04-28 | 6.1 Medium |
| Unauth. Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions. | ||||
| CVE-2023-47189 | 1 Wpmudev | 2 Defender, Defender Security | 2026-04-28 | 5.3 Medium |
| Improper Authentication vulnerability in WPMU DEV Defender Security allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Defender Security: from n/a through 4.2.0. | ||||
| CVE-2023-47182 | 1 Nazmulhossainnihal | 1 Login Screen Manager | 2026-04-28 | 8.8 High |
| Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions. | ||||
| CVE-2023-47190 | 1 Apollo13themes | 1 Apollo13 Framework Extensions | 2026-04-28 | 5.4 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Apollo13Themes Apollo13 Framework Extensions plugin <= 1.9.0 versions. | ||||
| CVE-2023-47178 | 1 Posimyth | 2 The Plus Addons For Elementor, The Plus Addons For Elementor Pro | 2026-04-28 | 8.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows PHP Local File Inclusion.This issue affects The Plus Addons for Elementor Pro: from n/a through 5.2.8. | ||||
| CVE-2023-46784 | 2 Room 34 Creative Services, Wordpress | 2 Ics Calendar, Wordpress | 2026-04-28 | 8.2 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a through 10.12.0.3. | ||||
| CVE-2023-46820 | 1 Iuliacazan | 1 Image Regenerate \& Select Crop | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Iulia Cazan Image Regenerate & Select Crop.This issue affects Image Regenerate & Select Crop: from n/a through 7.3.0. | ||||
| CVE-2023-46641 | 1 Code4recovery | 1 12 Step Meeting List | 2026-04-28 | 4.9 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.24. | ||||
| CVE-2023-46638 | 1 Webcodin | 1 Wcp Openweather | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Webcodin WCP OpenWeather plugin <= 2.5.0 versions. | ||||
| CVE-2023-46630 | 2026-04-28 | 7.5 High | ||
| Improper Authentication vulnerability in wpase Admin and Site Enhancements (ASE) allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Admin and Site Enhancements (ASE): from n/a through 5.7.1. | ||||
| CVE-2023-46622 | 1 Wp-pizza | 1 Wppizza | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin <= 3.18.2 versions. | ||||
| CVE-2023-46636 | 1 Blackbam | 1 Custom Header Images | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in David Stöckl Custom Header Images plugin <= 1.2.1 versions. | ||||
| CVE-2023-46620 | 1 Fluenx | 1 Deepl Api Translation | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Fluenx DeepL API translation plugin <= 2.3.9.1 versions. | ||||
| CVE-2023-46634 | 1 Phoeniixx | 1 Custom My Account For Woocommerce | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in phoeniixx Custom My Account for Woocommerce allows Cross-Site Scripting (XSS).This issue affects Custom My Account for Woocommerce: from n/a through 2.1. | ||||
| CVE-2023-46629 | 1 Themelocation | 1 Remove Add To Cart Woocommerce | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in themelocation Remove Add to Cart WooCommerce plugin <= 1.4.4. | ||||
| CVE-2023-46624 | 1 Parcelpro | 1 Parcel Pro | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Parcel Pro.This issue affects Parcel Pro: from n/a through 1.6.11. | ||||
| CVE-2023-46625 | 1 Daext | 1 Autolinks Manager | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Autolinks Manager plugin <= 1.10.04 versions. | ||||
| CVE-2023-46623 | 1 Wpvnteam | 1 Wp Extra | 2026-04-28 | 9.9 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in TienCOP WP EXtra.This issue affects WP EXtra: from n/a through 6.2. | ||||
| CVE-2023-46619 | 1 Web-dorado | 1 Wdsocialwidgets | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WebDorado WDSocialWidgets plugin <= 1.0.15 versions. | ||||
| CVE-2023-46618 | 1 Bala-krishna | 1 Category Seo Meta Tags | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Bala Krishna, Sergey Yakovlev Category SEO Meta Tags plugin <= 2.5 versions. | ||||