Export limit exceeded: 347144 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347144 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-25933 | 1 Peprodev | 1 Peprodev Ultimate Invoice | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7. | ||||
| CVE-2024-25927 | 2 Jmash, Wordpress | 2 Postmash, Wordpress | 2026-04-28 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Joel Starnes postMash – custom post order.This issue affects postMash – custom post order: from n/a through 1.2.0. | ||||
| CVE-2024-25915 | 2 Raajtram, Wordpress | 2 Pexels\, Wordpress | 2026-04-28 | 4.9 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Raaj Trambadia Pexels: Free Stock Photos.This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2. | ||||
| CVE-2024-25903 | 1 Najeebmedia | 1 Frontend File Manager | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager.This issue affects Frontend File Manager: from n/a through 22.7. | ||||
| CVE-2024-25902 | 2 Miniorange, Wordpress | 2 Malware Scanner, Wordpress | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2. | ||||
| CVE-2024-25598 | 1 Livemeshelementor | 1 Addons For Elementor | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS.This issue affects Livemesh Addons for Elementor: from n/a through 8.3. | ||||
| CVE-2024-25100 | 1 Wpswings | 1 Coupon Referral Program | 2026-04-28 | 10 Critical |
| Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program allows Object Injection.This issue affects Coupon Referral Program: from n/a before 1.8.4. | ||||
| CVE-2024-24868 | 1 Smartypantsplugins | 1 Sp Project \& Document Manager | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager: from n/a through 4.69. | ||||
| CVE-2024-24799 | 2 Woocommerce, Wordpress | 3 Box Office, Woocommerce Box Office, Wordpress | 2026-04-28 | 6.5 Medium |
| Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2. | ||||
| CVE-2024-22162 | 1 Wpzoom | 1 Wpzoom Shortcodes | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Shortcodes allows Reflected XSS.This issue affects WPZOOM Shortcodes: from n/a through 1.0.3. | ||||
| CVE-2023-52190 | 1 Wpswings | 1 Coupon Referral Program | 2026-04-28 | 7.5 High |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. | ||||
| CVE-2023-52135 | 1 Westguardsolutions | 1 Ws Form | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WS Form WS Form LITE – Drag & Drop Contact Form Builder for WordPress.This issue affects WS Form LITE – Drag & Drop Contact Form Builder for WordPress: from n/a through 1.9.170. | ||||
| CVE-2023-51531 | 2 Thrivethemes, Wordpress | 2 Thrive Automator, Wordpress | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17. | ||||
| CVE-2023-51530 | 1 Gsplugins | 1 Logo Slider | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in GS Plugins Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation.This issue affects Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation: from n/a through 3.5.1. | ||||
| CVE-2023-51528 | 2 Aipower, Wordpress | 2 Aipower, Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4: from n/a through 1.8.12. | ||||
| CVE-2023-51525 | 1 Wpsimplebookingcalendar | 1 Wp Simple Booking Calendar | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Veribo, Roland Murg WP Simple Booking Calendar.This issue affects WP Simple Booking Calendar: from n/a through 2.0.8.4. | ||||
| CVE-2023-51486 | 1 Rednao | 1 Woocommerce Pdf Invoice Builder | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in RedNao WooCommerce PDF Invoice Builder.This issue affects WooCommerce PDF Invoice Builder: from n/a through 1.2.101. | ||||
| CVE-2023-51484 | 1 Wp-buy | 1 Login As User Or Customer \(user Switching\) | 2026-04-28 | 9.8 Critical |
| Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows Privilege Escalation.This issue affects Login as User or Customer (User Switching): from n/a through 3.8. | ||||
| CVE-2023-50905 | 2 Melapress, Wordpress | 2 Wp Activity Log, Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log allows Stored XSS.This issue affects WP Activity Log: from n/a through 4.6.1. | ||||
| CVE-2023-50899 | 2026-04-28 | 5.4 Medium | ||
| Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through 5.0.2. | ||||