Export limit exceeded: 11887 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11887 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-32489 | 2 Bplugins, Wordpress | 2 B Blocks, Wordpress | 2026-03-30 | 6.5 Medium |
| Missing Authorization vulnerability in bPlugins B Blocks b-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects B Blocks: from n/a through < 2.0.30. | ||||
| CVE-2026-32490 | 2 Ljapps, Wordpress | 2 Wp Tripadvisor Review Slider, Wordpress | 2026-03-30 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider allows Stored XSS.This issue affects WP TripAdvisor Review Slider: from n/a through <= 14.1. | ||||
| CVE-2026-27045 | 2 Sbthemes, Wordpress | 2 Woocommerce Infinite Scroll, Wordpress | 2026-03-30 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in sbthemes WooCommerce Infinite Scroll sb-woocommerce-infinite-scroll allows Object Injection.This issue affects WooCommerce Infinite Scroll: from n/a through <= 1.6.2. | ||||
| CVE-2026-32491 | 2 Jgwhite33, Wordpress | 2 Wp Review Slider, Wordpress | 2026-03-30 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP Review Slider wp-facebook-reviews allows Stored XSS.This issue affects WP Review Slider: from n/a through <= 13.9. | ||||
| CVE-2026-25317 | 2 Tychesoftwares, Wordpress | 2 Print Invoice & Delivery Notes For Woocommerce, Wordpress | 2026-03-30 | 7.5 High |
| Missing Authorization vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerce woocommerce-delivery-notes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through <= 5.9.0. | ||||
| CVE-2026-32493 | 2 Eyecix, Wordpress | 2 Jobsearch, Wordpress | 2026-03-30 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through <= 3.2.0. | ||||
| CVE-2026-32494 | 2 Ays-pro, Wordpress | 2 Image Slider, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through <= 2.7.1. | ||||
| CVE-2026-32495 | 2 Linksoftwarellc, Wordpress | 2 Wp Terms Popup, Wordpress | 2026-03-30 | 7.5 High |
| Missing Authorization vulnerability in Link Software LLC WP Terms Popup wp-terms-popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Terms Popup: from n/a through <= 2.10.0. | ||||
| CVE-2026-32496 | 2 Nysl, Wordpress | 2 Spam Protect For Contact Form 7, Wordpress | 2026-03-30 | 6.7 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NYSL Spam Protect for Contact Form 7 wp-contact-form-7-spam-blocker allows Path Traversal.This issue affects Spam Protect for Contact Form 7: from n/a through <= 1.2.9. | ||||
| CVE-2026-32498 | 2 Metagauss, Wordpress | 2 Registrationmagic, Wordpress | 2026-03-30 | 7.5 High |
| Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through <= 6.0.7.6. | ||||
| CVE-2026-32499 | 2 Quantumcloud, Wordpress | 2 Chatbot, Wordpress | 2026-03-30 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through <= 7.7.9. | ||||
| CVE-2026-32500 | 2 Creativews, Wordpress | 2 Metamax, Wordpress | 2026-03-30 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS MetaMax metamax allows PHP Local File Inclusion.This issue affects MetaMax: from n/a through <= 1.1.4. | ||||
| CVE-2026-32501 | 2 Wordpress, Wp-configurator | 2 Wordpress, Wp Configurator Pro | 2026-03-30 | 7.1 High |
| Missing Authorization vulnerability in wp-configurator WP Configurator Pro wp-configurator-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Configurator Pro: from n/a through <= 3.7.9. | ||||
| CVE-2026-32502 | 2 Select-themes, Wordpress | 2 Borgholm, Wordpress | 2026-03-30 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing-agency-theme allows Object Injection.This issue affects Borgholm: from n/a through < 1.6. | ||||
| CVE-2026-27095 | 2 Mage-people, Wordpress | 2 Bus Ticket Booking With Seat Reservation, Wordpress | 2026-03-30 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Object Injection.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through <= 5.6.0. | ||||
| CVE-2026-27088 | 2 G5theme, Wordpress | 2 Darna Framework, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Darna Framework darna-framework allows Reflected XSS.This issue affects Darna Framework: from n/a through <= 2.9. | ||||
| CVE-2026-27087 | 2 G5theme, Wordpress | 2 Wolverine Framework, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Wolverine Framework wolverine-framework allows Reflected XSS.This issue affects Wolverine Framework: from n/a through <= 1.9. | ||||
| CVE-2026-27084 | 2 Themerex, Wordpress | 2 Buisson, Wordpress | 2026-03-30 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object Injection.This issue affects Buisson: from n/a through <= 1.1.11. | ||||
| CVE-2026-27083 | 2 Themerex, Wordpress | 2 Work & Travel Company, Wordpress | 2026-03-30 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel-company allows Object Injection.This issue affects Work & Travel Company: from n/a through <= 1.2. | ||||
| CVE-2026-27082 | 2 Themerex, Wordpress | 2 Love Story, Wordpress | 2026-03-30 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through <= 1.3.12. | ||||