Export limit exceeded: 11845 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11845 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40011 | 2 Stylemixthemes, Wordpress | 2 Cost Calculator Builder, Wordpress | 2025-07-12 | 5.4 Medium |
| Missing Authorization vulnerability in StylemixThemes Cost Calculator Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost Calculator Builder: from n/a through 3.1.42. | ||||
| CVE-2023-41955 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Essential Addons For Elementor | 2025-07-12 | 8.8 High |
| Improper Privilege Management vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation.This issue affects Essential Addons for Elementor: from n/a through 5.8.8. | ||||
| CVE-2023-47187 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 5.4 Medium |
| Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rotating Words: from n/a through 5.4. | ||||
| CVE-2024-32137 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin User Activity Log Pro.This issue affects User Activity Log Pro: from n/a through 2.3.4. | ||||
| CVE-2024-34760 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockart Magazine Blocks allows Stored XSS.This issue affects Magazine Blocks: from n/a through 1.3.6. | ||||
| CVE-2024-25917 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.8 High |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodeRevolution WP Setup Wizard.This issue affects WP Setup Wizard: from n/a through 1.0.8.1. | ||||
| CVE-2024-34549 | 2 Automattic, Wordpress | 2 Wp Job Manager, Wordpress | 2025-07-12 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic WP Job Manager.This issue affects WP Job Manager: from n/a through 2.2.2. | ||||
| CVE-2024-51800 | 2 Favethemes, Wordpress | 2 Homey, Wordpress | 2025-07-12 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in Favethemes Homey allows Privilege Escalation.This issue affects Homey: from n/a through 2.4.1. | ||||
| CVE-2024-31265 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 3.7 Low |
| Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a through 1.34. | ||||
| CVE-2024-49678 | 2 Jinwen, Wordpress | 2 Js Paper, Wordpress | 2025-07-12 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jinwen js allows Reflected XSS.This issue affects js paper: from n/a through 2.5.7. | ||||
| CVE-2024-33592 | 2 Softlab, Wordpress | 2 Radio Player, Wordpress | 2025-07-12 | 5.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73. | ||||
| CVE-2023-23872 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 4.9 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in German Mesky GMAce allows Path Traversal.This issue affects GMAce: from n/a through 1.5.2. | ||||
| CVE-2024-29914 | 2 Motopress, Wordpress | 2 Stratum, Wordpress | 2025-07-12 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MotoPress Stratum allows Stored XSS.This issue affects Stratum: from n/a through 1.3.15. | ||||
| CVE-2024-34442 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 5.3 Medium |
| Missing Authorization vulnerability in weDevs weDocs.This issue affects weDocs: from n/a through 2.1.4. | ||||
| CVE-2024-38700 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 6.5 Medium |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in realmag777 WPCS allows Code Injection.This issue affects WPCS: from n/a through 1.2.0.3. | ||||
| CVE-2025-31430 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in themeton The Business allows Object Injection. This issue affects The Business: from n/a through 1.6.1. | ||||
| CVE-2024-32777 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.5 High |
| Missing Authorization vulnerability in BizSwoop a CPF Concepts, LLC Brand BizPrint.This issue affects BizPrint: from n/a through 4.3.39. | ||||
| CVE-2024-30523 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 5.3 Medium |
| Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Mailchimp Add On pmpro-mailchimp.This issue affects Paid Memberships Pro – Mailchimp Add On: from n/a through 2.3.4. | ||||
| CVE-2024-32688 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 6.5 Medium |
| Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0. | ||||
| CVE-2024-32509 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 6.5 Medium |
| Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76. | ||||