Export limit exceeded: 347171 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347171 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-46084 | 1 Bplugins | 1 Icons Font Loader | 2026-04-28 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bPlugins LLC Icons Font Loader allows SQL Injection.This issue affects Icons Font Loader: from n/a through 1.1.2. | ||||
| CVE-2023-46078 | 1 Pluginever | 1 Wc Serial Numbers | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PluginEver WC Serial Numbers plugin <= 1.6.3 versions. | ||||
| CVE-2023-46076 | 1 Rednao | 1 Woocommerce Pdf Invoice Builder | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao WooCommerce PDF Invoice Builder, Create invoices, packing slips and more plugin <= 1.2.102 versions. | ||||
| CVE-2023-46069 | 1 Osmansorkar | 1 Ajax Archive Calendar | 2026-04-28 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Osmansorkar Ajax Archive Calendar plugin <= 2.6.7 versions. | ||||
| CVE-2023-46070 | 1 Egeorjon | 1 Eg-attachments | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Emmanuel GEORJON EG-Attachments plugin <= 2.1.3 versions. | ||||
| CVE-2023-46075 | 1 Wpdevart | 1 Contact Form Builder | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpdevart Contact Form Builder, Contact Widget plugin <= 2.1.6 versions. | ||||
| CVE-2023-46072 | 1 Add Shortcodes Actions And Filters Project | 1 Add Shortcodes Actions And Filters | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Simpson Add Shortcodes Actions And Filters plugin <= 2.0.9 versions. | ||||
| CVE-2023-46066 | 1 Codedraft | 1 Mediabay - Wordpress Media Library Folders | 2026-04-28 | 5.9 Medium |
| Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Codedrafty Mediabay – Media Library Folders plugin <= 1.6 versions. | ||||
| CVE-2023-46071 | 1 Clickdatos | 1 Proteccion De Datos Rgpd | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickDatos Protección de Datos RGPD plugin <= 3.1.0 versions. | ||||
| CVE-2023-46067 | 1 Qwerty23 | 1 Rocket Font | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Font plugin <= 1.2.3 versions. | ||||
| CVE-2023-45836 | 1 Xydac | 1 Ultimate Taxonomy Manager | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in XYDAC Ultimate Taxonomy Manager plugin <= 2.0 versions. | ||||
| CVE-2023-45837 | 1 Xydac | 1 Ultimate Taxonomy Manager | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in XYDAC Ultimate Taxonomy Manager plugin <= 2.0 versions. | ||||
| CVE-2023-45767 | 1 Wokamoto | 1 Simple Tweet | 2026-04-28 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wokamoto Simple Tweet plugin <= 1.4.0.2 versions. | ||||
| CVE-2023-45762 | 1 Michaeluno | 1 Responsive Column Widgets | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Michael Uno (miunosoft) Responsive Column Widgets.This issue affects Responsive Column Widgets: from n/a through 1.2.7. | ||||
| CVE-2023-45834 | 1 Libsyn | 1 Libsyn Publisher Hub | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Libsyn Libsyn Publisher Hub.This issue affects Libsyn Publisher Hub: from n/a through 1.4.4. | ||||
| CVE-2023-45768 | 1 Stephanieleary | 1 Next Page | 2026-04-28 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Stephanie Leary Next Page plugin <= 1.5.2 versions. | ||||
| CVE-2023-45772 | 1 Scribit | 1 Proofreading | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Scribit Proofreading plugin <= 1.0.11 versions. | ||||
| CVE-2023-45830 | 2 Adaplugin, Online Ada | 2 Accessibility Suite By Online Ada, Accessibility Suite By Online Ada | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.This issue affects Accessibility Suite by Online ADA: from n/a through 4.12. | ||||
| CVE-2023-45771 | 1 Bestwebsoft | 1 Captcha | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Contact Form With Captcha allows Reflected XSS.This issue affects Contact Form With Captcha: from n/a through 1.6.8. | ||||
| CVE-2023-45833 | 1 Leadsquared | 1 Leadsquared Suite | 2026-04-28 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in LeadSquared Suite plugin <= 0.7.4 versions. | ||||