Export limit exceeded: 344621 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344621 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39660 | 2 Automattic, Wordpress | 2 Wp Job Manager, Wordpress | 2026-04-14 | 5.3 Medium |
| Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a through <= 2.4.1. | ||||
| CVE-2026-39663 | 2 Themetechmount, Wordpress | 2 Truebooker, Wordpress | 2026-04-14 | 5.3 Medium |
| Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.5. | ||||
| CVE-2026-39665 | 2 Vladimir Prelovac, Wordpress | 2 Seo Friendly Images, Wordpress | 2026-04-14 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vladimir Prelovac SEO Friendly Images seo-image allows DOM-Based XSS.This issue affects SEO Friendly Images: from n/a through <= 3.0.5. | ||||
| CVE-2026-39667 | 2 Jongmyoung Kim, Wordpress | 2 Korea Sns, Wordpress | 2026-04-14 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jongmyoung Kim Korea SNS korea-sns allows DOM-Based XSS.This issue affects Korea SNS: from n/a through <= 1.7.0. | ||||
| CVE-2026-39669 | 2 Nitropack, Wordpress | 2 Nitropack, Wordpress | 2026-04-14 | 5.3 Medium |
| Missing Authorization vulnerability in NitroPack NitroPack nitropack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NitroPack: from n/a through <= 1.19.3. | ||||
| CVE-2026-39671 | 2 Dotstore, Wordpress | 2 Extra Fees Plugin For Woocommerce, Wordpress | 2026-04-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Dotstore Extra Fees Plugin for WooCommerce woo-conditional-product-fees-for-checkout allows Cross Site Request Forgery.This issue affects Extra Fees Plugin for WooCommerce: from n/a through <= 4.3.3. | ||||
| CVE-2026-39673 | 2 Shrikantkale, Wordpress | 2 Izooto, Wordpress | 2026-04-14 | 5.3 Medium |
| Missing Authorization vulnerability in shrikantkale iZooto izooto-web-push allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iZooto: from n/a through <= 3.7.20. | ||||
| CVE-2026-39675 | 2 Webmuehle, Wordpress | 2 Court Reservation, Wordpress | 2026-04-14 | 5.3 Medium |
| Missing Authorization vulnerability in webmuehle Court Reservation court-reservation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Court Reservation: from n/a through <= 1.10.11. | ||||
| CVE-2026-39677 | 2 Creatives Planet, Wordpress | 2 Emphires, Wordpress | 2026-04-14 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Emphires emphires allows PHP Local File Inclusion.This issue affects Emphires: from n/a through <= 3.9. | ||||
| CVE-2026-39679 | 2 Apustheme, Wordpress | 2 Freeio, Wordpress | 2026-04-14 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Freeio freeio allows PHP Local File Inclusion.This issue affects Freeio: from n/a through <= 1.3.21. | ||||
| CVE-2026-39681 | 2 Apustheme, Wordpress | 2 Homeo, Wordpress | 2026-04-14 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Homeo homeo allows PHP Local File Inclusion.This issue affects Homeo: from n/a through <= 1.2.59. | ||||
| CVE-2026-39683 | 2 Chief Gnome, Wordpress | 2 Garden Gnome Package, Wordpress | 2026-04-14 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chief Gnome Garden Gnome Package garden-gnome-package allows DOM-Based XSS.This issue affects Garden Gnome Package: from n/a through <= 2.4.1. | ||||
| CVE-2026-39685 | 2 Lvaudore, Wordpress | 2 The Moneytizer, Wordpress | 2026-04-14 | 5.3 Medium |
| Missing Authorization vulnerability in lvaudore The Moneytizer the-moneytizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Moneytizer: from n/a through <= 10.0.10. | ||||
| CVE-2026-39687 | 2 Rapid Car Check, Wordpress | 2 Rapid Car Check Vehicle Data, Wordpress | 2026-04-14 | 5.3 Medium |
| Missing Authorization vulnerability in Rapid Car Check Rapid Car Check Vehicle Data free-vehicle-data-uk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rapid Car Check Vehicle Data: from n/a through <= 2.0. | ||||
| CVE-2026-39689 | 2 Eshipper, Wordpress | 2 Eshipper Commerce, Wordpress | 2026-04-14 | N/A |
| Missing Authorization vulnerability in eshipper eShipper Commerce eshipper-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eShipper Commerce: from n/a through <= 2.16.12. | ||||
| CVE-2026-39691 | 2 Adastracrypto, Wordpress | 2 Cryptocurrency Donation Box – Bitcoin & Crypto Donations, Wordpress | 2026-04-14 | 5.3 Medium |
| Missing Authorization vulnerability in AdAstraCrypto Cryptocurrency Donation Box – Bitcoin & Crypto Donations cryptocurrency-donation-box allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Donation Box – Bitcoin & Crypto Donations: from n/a through <= 2.2.13. | ||||
| CVE-2026-39693 | 2 Fesomia, Wordpress | 2 Fsm Custom Featured Image Caption, Wordpress | 2026-04-14 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fesomia FSM Custom Featured Image Caption fsm-custom-featured-image-caption allows DOM-Based XSS.This issue affects FSM Custom Featured Image Caption: from n/a through <= 1.25.1. | ||||
| CVE-2026-39695 | 2 Podigee, Wordpress | 2 Podigee, Wordpress | 2026-04-14 | 5.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in podigee Podigee podigee allows Server Side Request Forgery.This issue affects Podigee: from n/a through <= 1.4.0. | ||||
| CVE-2026-39697 | 2 Hbss Technologies, Wordpress | 2 Maio – The New Ai Geo / Seo Tool, Wordpress | 2026-04-14 | 5.3 Medium |
| Missing Authorization vulnerability in HBSS Technologies MAIO – The new AI GEO / SEO tool maio-the-new-ai-geo-seo-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAIO – The new AI GEO / SEO tool: from n/a through <= 6.2.8. | ||||
| CVE-2026-39699 | 2 Massiveshift, Wordpress | 2 Ai Workflow Automation, Wordpress | 2026-04-14 | 5.3 Medium |
| Missing Authorization vulnerability in massiveshift AI Workflow Automation ai-workflow-automation-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Workflow Automation: from n/a through <= 1.4.2. | ||||