Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (80847 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-41665 1 Givewp 1 Givewp 2026-04-28 8.8 High
Improper Privilege Management vulnerability in GiveWP allows Privilege Escalation.This issue affects GiveWP: from n/a through 2.33.0.
CVE-2023-40555 1 Uxthemes 1 Flatsome 2026-04-28 8.3 High
Deserialization of Untrusted Data vulnerability in UX-themes Flatsome | Multi-Purpose Responsive WooCommerce Theme.This issue affects Flatsome | Multi-Purpose Responsive WooCommerce Theme: from n/a through 3.17.5.
CVE-2023-40335 1 Cyberws 1 Cleverwise Daily Quotes 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Jeremy O'Connell Cleverwise Daily Quotes allows Stored XSS.This issue affects Cleverwise Daily Quotes: from n/a through 3.2.
CVE-2023-40211 1 Pickplugins 1 Post Grid Combo 2026-04-28 7.5 High
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50.
CVE-2023-40000 1 Litespeedtech 1 Litespeed Cache 2026-04-28 8.3 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7.
CVE-2023-39926 1 Acurax 1 Under Construction \/ Maintenance Mode 2026-04-28 7.1 High
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Acurax Under Construction / Maintenance Mode from Acurax plugin <= 2.6 versions.
CVE-2023-39309 2 Avada, Wordpress 2 Fusion Builder, Wordpress 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2023-39313 1 Theme-fusion 1 Avada 2026-04-28 7.7 High
Server-Side Request Forgery (SSRF) vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1.
CVE-2023-39163 1 Averta 1 Phlox Shop 2026-04-28 8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Averta Phlox Shop allows PHP Local File Inclusion.This issue affects Phlox Shop: from n/a through 2.0.0.
CVE-2023-39311 1 Avada 1 Fusion Builder 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2023-39166 1 Tagdiv 1 Tagdiv Composer 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in tagDiv tagDiv Composer allows Cross-Site Scripting (XSS).This issue affects tagDiv Composer: from n/a before 4.4.
CVE-2023-39306 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2023-39307 1 Theme-fusion 1 Avada 2026-04-28 8.5 High
Unrestricted Upload of File with Dangerous Type vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1.
CVE-2023-38519 1 Mainwp 1 Mainwp Dashboard 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance.This issue affects MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance: from n/a through 4.4.3.3.
CVE-2023-38474 1 Campaignmonitor 1 Campaign Monitor 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Campaign Monitor Campaign Monitor for WordPress allows Reflected XSS.This issue affects Campaign Monitor for WordPress: from n/a through 2.8.12.
CVE-2023-38400 1 Kriesi 1 Enfold 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4.
CVE-2023-38393 2 Ninjaforma, Ninjaforms 2 Ninja Forms, Ninja Forms 2026-04-28 7.6 High
Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25.
CVE-2023-37871 1 Automattic 1 Woocommerce Gocardless 2026-04-28 8.2 High
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce GoCardless.This issue affects GoCardless: from n/a through 2.5.6.
CVE-2023-37870 1 Woo 1 Woocommerce Warranty Requests 2026-04-28 8.1 High
Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.1.9.
CVE-2023-37390 1 Themesflat 1 Themesflat Addons For Elementor 2026-04-28 8.3 High
Deserialization of Untrusted Data vulnerability in Themesflat Themesflat Addons For Elementor.This issue affects Themesflat Addons For Elementor: from n/a through 2.0.0.