Export limit exceeded: 10441 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10441 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40211 | 1 Pickplugins | 1 Post Grid Combo | 2026-04-28 | 7.5 High |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50. | ||||
| CVE-2023-37972 | 1 Multivendorx | 1 Product Stock Manager \& Notifier For Woocommerce | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1. | ||||
| CVE-2023-37868 | 1 Leap13 | 1 Premium Addons | 2026-04-28 | 6.5 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0. | ||||
| CVE-2023-36523 | 1 Gopiplus | 1 Email Download Link | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email download link.This issue affects Email download link: from n/a through 3.7. | ||||
| CVE-2023-36507 | 1 Reputeinfosystems | 1 Bookingpress | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.64. | ||||
| CVE-2023-28421 | 1 Winwar | 1 Wp Email Capture | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin – WP Email Capture.This issue affects WordPress Email Marketing Plugin – WP Email Capture: from n/a through 3.10. | ||||
| CVE-2023-27630 | 2 Peepso, Wordpress | 2 Community By Peepso, Wordpress | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PeepSo Community by PeepSo.This issue affects Community by PeepSo: from n/a through 6.0.9.0. | ||||
| CVE-2023-27447 | 1 Veronalabs | 1 Wp Sms | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in VeronaLabs WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc.This issue affects WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc: from n/a through 6.0.4. | ||||
| CVE-2023-26533 | 1 Gesundheit-bewegt | 1 Zippy | 2026-04-28 | 6.5 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.1. | ||||
| CVE-2023-25965 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.9 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in mbbhatti Upload Resume.This issue affects Upload Resume: from n/a through 1.2.0. | ||||
| CVE-2023-25057 | 1 Libsyn | 1 Libsyn Publisher Hub | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Libsyn Libsyn Publisher Hub.This issue affects Libsyn Publisher Hub: from n/a through 1.3.2. | ||||
| CVE-2023-2487 | 1 Smackcoders | 1 Export All Posts\, Products\, Orders\, Refunds \& Users | 2026-04-28 | 5.9 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Smackcoders Export All Posts, Products, Orders, Refunds & Users.This issue affects Export All Posts, Products, Orders, Refunds & Users: from n/a through 2.4.1. | ||||
| CVE-2022-47597 | 1 Code-atlantic | 1 Popup Maker | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Popup Maker Popup Maker – Popup for opt-ins, lead gen, & more.This issue affects Popup Maker – Popup for opt-ins, lead gen, & more: from n/a through 1.17.1. | ||||
| CVE-2022-47160 | 1 Wpmet | 1 Wp Social Login And Register Social Counter | 2026-04-28 | 6.5 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wpmet Wp Social Login and Register Social Counter.This issue affects Wp Social Login and Register Social Counter: from n/a through 1.9.0. | ||||
| CVE-2022-45354 | 1 Wpchill | 1 Download Monitor | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.7.60. | ||||
| CVE-2022-44589 | 1 Miniorange | 1 Google Authenticator | 2026-04-28 | 8.1 High |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in miniOrange miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login.This issue affects miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login: from n/a through 5.6.1. | ||||
| CVE-2022-40696 | 1 Advancedcustomfields | 1 Advanced Custom Fields | 2026-04-28 | 3.7 Low |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Engine Advanced Custom Fields (ACF).This issue affects Advanced Custom Fields (ACF): from 3.1.1 through 6.0.2. | ||||
| CVE-2022-36399 | 1 Boxystudio | 1 Booked | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BoxyStudio Booked - Appointment Booking for WordPress | Calendars.This issue affects Booked - Appointment Booking for WordPress | Calendars: from n/a before 2.4.4. | ||||
| CVE-2025-15381 | 2 Lfprojects, Mlflow | 2 Mlflow, Mlflow/mlflow | 2026-04-28 | 7.1 High |
| In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with `NO_PERMISSIONS` on the experiment, to read trace information and create assessments for traces they should not have access to. This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Deployments using `mlflow server --app-name=basic-auth` are affected. | ||||
| CVE-2025-24146 | 1 Apple | 1 Macos | 2026-04-28 | 9.8 Critical |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. Deleting a conversation in Messages may expose user contact information in system logging. | ||||