Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 80847 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80847 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-50905 | 2 Melapress, Wordpress | 2 Wp Activity Log, Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log allows Stored XSS.This issue affects WP Activity Log: from n/a through 4.6.1. | ||||
| CVE-2023-50854 | 1 Squirrly | 1 Seo Plugin By Squirrly Seo | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Squirrly Squirrly SEO - Advanced Pack.This issue affects Squirrly SEO - Advanced Pack: from n/a before 2.4.02. | ||||
| CVE-2023-49817 | 1 Woocommerce | 1 Checkout Field Editor | 2026-04-28 | 8.2 High |
| Missing Authorization vulnerability in heoLixfy Flexible Woocommerce Checkout Field Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flexible Woocommerce Checkout Field Editor: from n/a through 2.0.1. | ||||
| CVE-2023-47784 | 1 Themepunch | 1 Slider Revolution | 2026-04-28 | 8.4 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a through 6.6.15. | ||||
| CVE-2023-47517 | 1 Pressified | 1 Sendpress | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.23.11.6 versions. | ||||
| CVE-2023-47516 | 1 Starkdigital | 1 Category Post List Widget | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Stark Digital Category Post List Widget allows Stored XSS.This issue affects Category Post List Widget: from n/a through 2.0. | ||||
| CVE-2023-46823 | 1 Avirtum | 1 Imagelinks | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4. | ||||
| CVE-2023-46822 | 1 Visser | 1 Store Exporter For Woocommerce | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting') vulnerability in Visser Labs Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin <= 2.7.2 versions. | ||||
| CVE-2023-46821 | 1 Dev4press | 1 Gd Security Headers | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Milan Petrovic GD Security Headers allows auth. (admin+) SQL Injection.This issue affects GD Security Headers: from n/a through 1.7. | ||||
| CVE-2023-46643 | 1 Cloudnet360 | 1 Cloudnet360 | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <= 3.2.0 versions. | ||||
| CVE-2023-46632 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Missing Authorization vulnerability in David Cramer My Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Shortcodes: from n/a through 2.3. | ||||
| CVE-2023-46627 | 1 Freelancer-coder | 1 Wordpress Simple Html Sitemap | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ashish Ajani WordPress Simple HTML Sitemap plugin <= 2.1 versions. | ||||
| CVE-2023-46621 | 1 Enejbajgoric\/gagansandhu\/ctltdev | 1 User Avatar | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Enej Bajgoric / Gagan Sandhu / CTLT DEV User Avatar plugin <= 1.4.11 versions. | ||||
| CVE-2023-45657 | 1 Posimyth | 1 Nexter | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSIMYTH Nexter allows SQL Injection.This issue affects Nexter: from n/a through 2.0.3. | ||||
| CVE-2023-45001 | 1 Castos | 1 Seriously Simple Stats | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Castos Seriously Simple Stats allows SQL Injection.This issue affects Seriously Simple Stats: from n/a through 1.5.0. | ||||
| CVE-2023-45000 | 3 Litespeed Technologies, Litespeedtech, Wordpress | 3 Litespeed Cache, Litespeed Cache, Wordpress | 2026-04-28 | 8.2 High |
| Missing Authorization vulnerability in LiteSpeed Technologies LiteSpeed Cache.This issue affects LiteSpeed Cache: from n/a through 5.7. | ||||
| CVE-2023-41685 | 1 Ilghera | 1 Woocommerce Support System | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ilGhera Woocommerce Support System allows SQL Injection.This issue affects Woocommerce Support System: from n/a through 1.2.1. | ||||
| CVE-2023-40609 | 1 Rocklobster | 1 Contact Form 7 Custom Validation | 2026-04-28 | 8.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aiyaz, maheshpatel Contact form 7 Custom validation allows SQL Injection.This issue affects Contact form 7 Custom validation: from n/a through 1.1.3. | ||||
| CVE-2023-40205 | 1 Pixelgrade | 1 Pixtypes | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pixelgrade PixTypes plugin <= 1.4.15 versions. | ||||
| CVE-2023-38385 | 1 Artbees | 1 Jupiter X Core | 2026-04-28 | 8.3 High |
| Missing Authorization vulnerability in Artbees JupiterX Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JupiterX Core: from 3.0.0 through 3.3.0. | ||||