Export limit exceeded: 10331 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10661 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10661 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-47646 | 2026-04-01 | N/A | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in tomlister Payflex Payment Gateway payflex-payment-gateway.This issue affects Payflex Payment Gateway: from n/a through <= 2.6.1. | ||||
| CVE-2024-47354 | 2026-04-01 | N/A | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wp.insider Simple Membership After Login Redirection simple-membership-after-login-redirection.This issue affects Simple Membership After Login Redirection: from n/a through <= 1.6. | ||||
| CVE-2024-47353 | 1 Quomodosoft | 1 Elementsready | 2026-04-01 | 6.1 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in quomodosoft ElementsReady Addons for Elementor element-ready-lite.This issue affects ElementsReady Addons for Elementor: from n/a through 6.4.2. | ||||
| CVE-2024-47316 | 1 Salonbookingsystem | 1 Salon Booking System | 2026-04-01 | 8.8 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Dimitri Grassi Salon booking system salon-booking-system.This issue affects Salon booking system: from n/a through <= 10.9. | ||||
| CVE-2024-43266 | 1 Wpjobportal | 1 Wp Job Portal | 2026-04-01 | 8.8 High |
| Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal.This issue affects WP Job Portal: from n/a through <= 2.1.8. | ||||
| CVE-2024-43239 | 1 Masteriyo | 1 Masteriyo | 2026-04-01 | 8.1 High |
| Authorization Bypass Through User-Controlled Key vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through <= 1.11.4. | ||||
| CVE-2025-70032 | 2 Sunbird, Sunbird-ed | 2 Sunbirded-portal, Sunbirded-portal | 2026-04-01 | 6.1 Medium |
| An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | ||||
| CVE-2026-25392 | 2 Kaizencoders, Wordpress | 2 Update Urls – Quick And Easy Way To Search Old Links And Replace Them With New Links In Wordpress, Wordpress | 2026-04-01 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KaizenCoders Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress update-urls allows Phishing.This issue affects Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress: from n/a through <= 1.4.1. | ||||
| CVE-2025-69394 | 2 Cnvrse, Wordpress | 2 Cnvrse, Wordpress | 2026-04-01 | 7.5 High |
| Authorization Bypass Through User-Controlled Key vulnerability in cnvrse Cnvrse cnvrse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cnvrse: from n/a through < 026.02.10.20. | ||||
| CVE-2025-68997 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in AdvancedCoding wpDiscuz wpdiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through <= 7.6.43. | ||||
| CVE-2025-68602 | 2 Scott Paterson, Wordpress | 2 Accept Donations With Paypal, Wordpress | 2026-04-01 | 6.1 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Accept Donations with PayPal & Stripe easy-paypal-donation allows Phishing.This issue affects Accept Donations with PayPal & Stripe: from n/a through <= 1.5.2. | ||||
| CVE-2025-68071 | 2 G5theme, Wordpress | 2 Essential Real Estate, Wordpress | 2026-04-01 | 6.5 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Real Estate: from n/a through <= 5.2.9. | ||||
| CVE-2025-66132 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 6.5 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in FAPI Business s.r.o. FAPI Member fapi-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FAPI Member: from n/a through <= 2.2.29. | ||||
| CVE-2025-64250 | 2 Wordpress, Wpwax | 2 Wordpress, Directorist | 2026-04-01 | 6.1 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wpWax Directorist directorist allows Phishing.This issue affects Directorist: from n/a through <= 8.6.6. | ||||
| CVE-2025-49952 | 2 Favethemes, Wordpress | 2 Houzez, Wordpress | 2026-04-01 | 6.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in favethemes Houzez houzez allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Houzez: from n/a through <= 4.2.5. | ||||
| CVE-2026-3321 | 1 On24 | 2 On24 Q&a Chat, On24 Q A Chat | 2026-04-01 | N/A |
| A vulnerability of authorization bypass through user-controlled key in the 'console-survey/api/v1/answer/{EVENTID}/{TIMESTAMP}/' endpoint. Exploiting this vulnerability would allow an unauthenticated attacker to enumerate event IDs and obtain the complete Q&A history. This publicly exposed data may include IDs, private URLs, private messages, internal references, or other sensitive information that should only be exposed to authenticated users. In addition, the leaked content could be exploited to facilitate other malicious activities, such as reconnaissance for lateral movement, exploitation of related systems, or unauthorised access to internal applications referenced in the content of chat messages. | ||||
| CVE-2026-25324 | 2 Expresstech, Wordpress | 2 Quiz And Survey Master, Wordpress | 2026-04-01 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.4. | ||||
| CVE-2026-25005 | 2 N-media, Wordpress | 2 Frontend File Manager, Wordpress | 2026-04-01 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through <= 23.5. | ||||
| CVE-2026-24991 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extensions For CF7: from n/a through <= 3.4.0. | ||||
| CVE-2026-24950 | 2 Themeplugs, Wordpress | 2 Authorsy, Wordpress | 2026-04-01 | 7.5 High |
| Authorization Bypass Through User-Controlled Key vulnerability in themeplugs Authorsy authorsy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Authorsy: from n/a through <= 1.0.6. | ||||