Export limit exceeded: 347094 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347094 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-35909 | 1 Ninjaforms | 1 Ninja Forms | 2026-04-28 | 5.3 Medium |
| Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS.This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25. | ||||
| CVE-2023-35877 | 1 Vadimk | 1 Extra User Details | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Vadym K. Extra User Details allows Stored XSS.This issue affects Extra User Details: from n/a through 0.5. | ||||
| CVE-2023-35096 | 1 Wpexperts | 1 Mycred | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in myCred plugin <= 2.5 versions. | ||||
| CVE-2023-35050 | 2 Elementor, Wordpress | 2 Elementor Pro, Wordpress | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0. | ||||
| CVE-2023-34382 | 1 Dokan | 1 Dokan | 2026-04-28 | 4.4 Medium |
| Deserialization of Untrusted Data vulnerability in weDevs Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy.This issue affects Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy: from n/a through 3.7.19. | ||||
| CVE-2023-35039 | 1 Bedevious | 1 Password Reset With Code For Wordpress Rest Api | 2026-04-28 | 9.8 Critical |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Be Devious Web Development Password Reset with Code for WordPress REST API allows Authentication Abuse.This issue affects Password Reset with Code for WordPress REST API: from n/a through 0.0.15. | ||||
| CVE-2023-34385 | 1 Akshaymenariya | 1 Export Import Menus | 2026-04-28 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Akshay Menariya Export Import Menus.This issue affects Export Import Menus: from n/a through 1.8.0. | ||||
| CVE-2023-34379 | 1 Magneticone | 1 Magento To Woocommerce Migration | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in MagneticOne Cart2Cart: Magento to WooCommerce Migration.This issue affects Cart2Cart: Magento to WooCommerce Migration: from n/a through 2.0.0. | ||||
| CVE-2023-34370 | 2026-04-28 | 7.1 High | ||
| Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates, Brainstorm Force Premium Starter Templates.This issue affects Starter Templates — Elementor, WordPress & Beaver Builder Templates: from n/a through 3.2.4; Premium Starter Templates: from n/a through 3.2.4. | ||||
| CVE-2023-34168 | 1 Esiteq | 1 Wp Report Post | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alex Raven WP Report Post allows SQL Injection.This issue affects WP Report Post: from n/a through 2.1.2. | ||||
| CVE-2023-34030 | 1 Really-simple-plugins | 1 Complianz | 2026-04-28 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Request Forgery.This issue affects Complianz: from n/a through 6.4.5; Complianz Premium: from n/a through 6.4.7. | ||||
| CVE-2023-34027 | 1 Rajarora795 | 1 Recently Viewed Products | 2026-04-28 | 8.3 High |
| Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This issue affects Recently Viewed Products: from n/a through 1.0.0. | ||||
| CVE-2023-34020 | 1 Uncannyowl | 1 Uncanny Toolkit For Learndash | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3. | ||||
| CVE-2023-34018 | 1 Soundcloud | 1 Soundcloud Shortcode | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoundCloud Inc. SoundCloud Shortcode allows Stored XSS.This issue affects SoundCloud Shortcode: from n/a through 3.1.0. | ||||
| CVE-2023-34007 | 1 Wpchill | 1 Download Monitor | 2026-04-28 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.3. | ||||
| CVE-2023-34013 | 1 Ays-pro | 1 Poll Maker | 2026-04-28 | 4.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2. | ||||
| CVE-2023-33923 | 2026-04-28 | 4.3 Medium | ||
| Missing Authorization vulnerability in HashThemes Viral News, HashThemes Viral, HashThemes HashOne.This issue affects Viral News: from n/a through 1.4.5; Viral: from n/a through 1.8.0; HashOne: from n/a through 1.3.0. | ||||
| CVE-2023-33330 | 1 Woocommerce | 1 Automatewoo | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50. | ||||
| CVE-2023-33331 | 1 Woo | 1 Product Vendors | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.76. | ||||
| CVE-2023-33333 | 1 Really-simple-plugins | 1 Complianz | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Scripting (XSS).This issue affects Complianz: from n/a through 6.4.4; Complianz Premium: from n/a through 6.4.6.1. | ||||