Export limit exceeded: 347166 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347166 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-39157 | 1 Crocoblock | 1 Jetelements | 2026-04-28 | 9 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.10. | ||||
| CVE-2023-38519 | 1 Mainwp | 1 Mainwp Dashboard | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance.This issue affects MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance: from n/a through 4.4.3.3. | ||||
| CVE-2023-38515 | 1 Church Admin Project | 1 Church Admin | 2026-04-28 | 5.5 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 3.7.56. | ||||
| CVE-2023-38513 | 1 Meowapps | 1 Photo Engine | 2026-04-28 | 5.4 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine (Media Organizer & Lightroom).This issue affects Photo Engine (Media Organizer & Lightroom): from n/a through 6.2.5. | ||||
| CVE-2023-38481 | 1 Crmperks | 1 Integration For Woocommerce And Zoho Crm\, Books\, Invoice\, Inventory\, Bigin | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin.This issue affects Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin: from n/a before 1.3.7. | ||||
| CVE-2023-38478 | 1 Crmperks | 1 Integration For Woocommerce And Quickbooks | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and QuickBooks.This issue affects Integration for WooCommerce and QuickBooks: from n/a through 1.2.3. | ||||
| CVE-2023-38474 | 1 Campaignmonitor | 1 Campaign Monitor | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Campaign Monitor Campaign Monitor for WordPress allows Reflected XSS.This issue affects Campaign Monitor for WordPress: from n/a through 2.8.12. | ||||
| CVE-2023-38400 | 1 Kriesi | 1 Enfold | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4. | ||||
| CVE-2023-38388 | 1 Artbees | 1 Jupiter X Core | 2026-04-28 | 9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from n/a through 3.3.5. | ||||
| CVE-2023-37998 | 1 Saas | 1 Disabler | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler allows Cross Site Request Forgery.This issue affects Disabler: from n/a through 3.0.3. | ||||
| CVE-2023-37982 | 1 Crmperks | 1 Integration For Salesforce And Contact Form 7\, Wpforms\, Elementor\, Ninja Forms | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.3.3. | ||||
| CVE-2023-37978 | 1 Riverside | 1 Http Headers | 2026-04-28 | 4.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue affects HTTP Headers: from n/a through 1.18.11. | ||||
| CVE-2023-37972 | 1 Multivendorx | 1 Product Stock Manager \& Notifier For Woocommerce | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1. | ||||
| CVE-2023-37890 | 1 Logon | 1 Kb Support | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in WPOmnia KB Support – WordPress Help Desk and Knowledge Base allows Accessing Functionality Not Properly Constrained by ACLs. Users with a role as low as a subscriber can view other customers.This issue affects KB Support – WordPress Help Desk and Knowledge Base: from n/a through 1.5.88. | ||||
| CVE-2023-37871 | 1 Automattic | 1 Woocommerce Gocardless | 2026-04-28 | 8.2 High |
| Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce GoCardless.This issue affects GoCardless: from n/a through 2.5.6. | ||||
| CVE-2023-37867 | 1 Yet Another Stars Rating Project | 1 Yet Another Stars Rating | 2026-04-28 | 3.7 Low |
| Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YetAnotherStarsRating.Com YASR – Yet Another Star Rating Plugin for WordPress.This issue affects YASR – Yet Another Star Rating Plugin for WordPress: from n/a through 3.3.8. | ||||
| CVE-2023-37868 | 1 Leap13 | 1 Premium Addons | 2026-04-28 | 6.5 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0. | ||||
| CVE-2023-37390 | 1 Themesflat | 1 Themesflat Addons For Elementor | 2026-04-28 | 8.3 High |
| Deserialization of Untrusted Data vulnerability in Themesflat Themesflat Addons For Elementor.This issue affects Themesflat Addons For Elementor: from n/a through 2.0.0. | ||||
| CVE-2023-36682 | 1 Brainstormforce | 1 Schema | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7. | ||||
| CVE-2023-36685 | 1 Brainstormforce | 1 Cartflows | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC CartFlows Pro allows Cross Site Request Forgery.This issue affects CartFlows Pro: from n/a through 1.11.12. | ||||