Export limit exceeded: 364918 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 13898 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13898 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40608 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 8.2 High |
| Missing Authorization vulnerability in Paid Memberships Pro Paid Memberships Pro CCBill Gateway.This issue affects Paid Memberships Pro CCBill Gateway: from n/a through 0.3. | ||||
| CVE-2023-40679 | 2 Jeweltheme, Wordpress | 2 Master Addons For Elementor, Wordpress | 2026-04-15 | 6.5 Medium |
| Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Master Addons for Elementor: from n/a through 2.0.5.3. | ||||
| CVE-2023-41134 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.3 Medium |
| Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through 2.11.3. | ||||
| CVE-2023-41656 | 3 Elementor, Wordpress, Wpdive | 3 Elementor, Wordpress, Better Addons For Elementor | 2026-04-15 | 5.4 Medium |
| Missing Authorization vulnerability in wpdive Better Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Elementor Addons: from n/a through 1.3.7. | ||||
| CVE-2023-44478 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Hive Events Rich Snippets for Google allows Exploitation of Trusted Credentials.This issue affects Events Rich Snippets for Google: from n/a through 1.8. | ||||
| CVE-2023-45652 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 6.5 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Justin Silver Remote Content Shortcode allows PHP Local File Inclusion.This issue affects Remote Content Shortcode: from n/a through 1.5. | ||||
| CVE-2023-45658 | 2 Posimyth, Wordpress | 2 Nexter, Wordpress | 2026-04-15 | 7.6 High |
| Missing Authorization vulnerability in POSIMYTH Nexter.This issue affects Nexter: from n/a through 2.0.3. | ||||
| CVE-2023-47232 | 2 Mojofywp, Wordpress | 2 Wp Affiliate Disclosure, Wordpress | 2026-04-15 | 4.3 Medium |
| Vulnerability in mojofywp WP Affiliate Disclosure wp-affiliate-disclosure.This issue affects WP Affiliate Disclosure: from n/a through 1.2.6. | ||||
| CVE-2023-47683 | 2 Miniorange, Wordpress | 2 Wordpress Social Login And Register (discord, Google, Twitter, Linkedin), Wordpress | 2026-04-15 | 8 High |
| Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Privilege Escalation.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.6. | ||||
| CVE-2023-47845 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang Grab & Save.This issue affects Grab & Save: from n/a through 1.0.4. | ||||
| CVE-2023-48273 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Preloader for Website.This issue affects Preloader for Website: from n/a through 1.2.2. | ||||
| CVE-2023-48335 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 3.7 Low |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Webcraftic Hide login page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hide login page: from n/a through 1.1.9. | ||||
| CVE-2023-48753 | 2 10up, Wordpress | 2 Restricted Site Access, Wordpress | 2026-04-15 | 5.3 Medium |
| Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through 7.4.1. | ||||
| CVE-2023-48757 | 2 Crocoblock, Wordpress | 2 Jetengine, Wordpress | 2026-04-15 | 8.8 High |
| Improper Privilege Management vulnerability in Crocoblock JetEngine allows Privilege Escalation.This issue affects JetEngine: from n/a through 3.2.4. | ||||
| CVE-2023-49186 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KlbTheme Machic Core allows DOM-Based XSS.This issue affects Machic Core: from n/a through 1.2.6. | ||||
| CVE-2023-49741 | 2 Wordpress, Wpdevart | 2 Wordpress, Coming Soon And Maintenance Mode | 2026-04-15 | 3.7 Low |
| Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through 3.7.3. | ||||
| CVE-2023-49748 | 2 Wordpress, Wpserveur | 2 Wordpress, Wps Hide Login | 2026-04-15 | 3.7 Low |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPServeur, NicolasKulka, wpformation WPS Hide Login allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPS Hide Login: from n/a through 1.9.11. | ||||
| CVE-2023-50897 | 2 Meow Apps, Wordpress | 2 Media File Renamer, Wordpress | 2026-04-15 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Meow Apps Media File Renamer allows Using Malicious Files.This issue affects Media File Renamer: from n/a through 5.7.7. | ||||
| CVE-2023-51416 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in EnvialoSimple EnvíaloSimple.This issue affects EnvíaloSimple: from n/a through 2.2. | ||||
| CVE-2023-51513 | 2 Infinitumform, Wordpress | 2 Geo Controller, Wordpress | 2026-04-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2. | ||||