Export limit exceeded: 347094 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347094 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25043 | 1 Supsystic | 1 Data Tables Generator | 2026-04-28 | 4.3 Medium |
| Incorrect Authorization vulnerability in Supsystic Data Tables Generator.This issue affects Data Tables Generator: from n/a through 1.10.25. | ||||
| CVE-2023-25030 | 1 Buymeacoffee | 1 Buy Me A Coffee | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in Buy Me a Coffee.This issue affects Buy Me a Coffee: from n/a through 3.7. | ||||
| CVE-2023-25039 | 2 Codepeople, Wordpress | 2 Google Maps Cp, Wordpress | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in CodePeople Google Maps CP.This issue affects Google Maps CP: from n/a through 1.0.43. | ||||
| CVE-2023-2487 | 1 Smackcoders | 1 Export All Posts\, Products\, Orders\, Refunds \& Users | 2026-04-28 | 5.9 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Smackcoders Export All Posts, Products, Orders, Refunds & Users.This issue affects Export All Posts, Products, Orders, Refunds & Users: from n/a through 2.4.1. | ||||
| CVE-2023-24410 | 1 Fluentforms | 1 Contact Form | 2026-04-28 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms: from n/a through 4.3.25. | ||||
| CVE-2023-24403 | 1 Wpforthewin | 1 Bbpress Voting | 2026-04-28 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP For The Win bbPress Voting plugin <= 2.1.11.0 versions. | ||||
| CVE-2023-24388 | 1 Wpdevart | 1 Booking Calendar | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete). | ||||
| CVE-2023-24380 | 1 Webbjocke | 1 Simple Wp Sitemap | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Webbjocke Simple Wp Sitemap.This issue affects Simple Wp Sitemap: from n/a through 1.2.1. | ||||
| CVE-2023-24377 | 1 Lightspeedhq | 1 Ecwid Ecommerce Shopping Cart | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions. | ||||
| CVE-2023-24009 | 1 Wpazure | 1 Upfrontwp | 2026-04-28 | 6.5 Medium |
| Auth. (subscriber+) Reflected Cross-site Scripting (XSS) vulnerability in Wpazure Themes Upfrontwp theme <= 1.1 versions. | ||||
| CVE-2023-23991 | 2026-04-28 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPdevelop / Oplugins Booking Calendar allows SQL Injection.This issue affects Booking Calendar: from n/a through 9.4.3. | ||||
| CVE-2023-23992 | 1 Automatorwp | 1 Automatorwp | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete. | ||||
| CVE-2023-23985 | 2 Ays-pro, Wordpress | 2 Quiz Maker, Wordpress | 2026-04-28 | 3.7 Low |
| Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4. | ||||
| CVE-2023-23984 | 1 Wow-company | 1 Bubble Menu | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu plugin <= 3.0.1 leading to form deletion. | ||||
| CVE-2023-23970 | 1 Woorockets | 1 Corsa | 2026-04-28 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in WooRockets Corsa.This issue affects Corsa: from n/a through 1.5. | ||||
| CVE-2023-23974 | 1 Fullworksplugins | 1 Quick Event Manager | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update). | ||||
| CVE-2023-23976 | 1 Metagauss | 1 Registrationmagic | 2026-04-28 | 7.5 High |
| Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.1.9.2. | ||||
| CVE-2023-23896 | 1 Mythemeshop | 1 Url Shortener | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in MyThemeShop URL Shortener by MyThemeShop.This issue affects URL Shortener by MyThemeShop: from n/a through 1.0.17. | ||||
| CVE-2023-23882 | 1 Brainstormforce | 1 Ultimate Addons For Beaver Builder | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a through 1.5.5. | ||||
| CVE-2023-23800 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2026-04-28 | 7.1 High |
| Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin — Shortcodes Ultimate.This issue affects WP Shortcodes Plugin — Shortcodes Ultimate: from n/a through 5.12.6. | ||||