Export limit exceeded: 12284 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (12284 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-48763 | 2 Crocoblock, Wordpress | 2 Jetformbuilder, Wordpress | 2026-04-28 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in Crocoblock JetFormBuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through 3.1.4. | ||||
| CVE-2023-47843 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0. | ||||
| CVE-2023-47774 | 2 Automattic, Wordpress | 2 Jetpack, Wordpress | 2026-04-28 | 5.4 Medium |
| Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking.This issue affects Jetpack: from n/a before 12.7. | ||||
| CVE-2023-46784 | 2 Room 34 Creative Services, Wordpress | 2 Ics Calendar, Wordpress | 2026-04-28 | 8.2 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a through 10.12.0.3. | ||||
| CVE-2023-45009 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.3 Medium |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive GmbH Captcha/Honeypot for Contact Form 7 allows Functionality Bypass.This issue affects Captcha/Honeypot for Contact Form 7: from n/a through 1.11.3. | ||||
| CVE-2023-44235 | 2 Devnath Verma, Wordpress | 2 Wp Captcha, Wordpress | 2026-04-28 | 5.3 Medium |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP Captcha allows Functionality Bypass.This issue affects WP Captcha: from n/a through 2.0.0. | ||||
| CVE-2023-39309 | 2 Avada, Wordpress | 2 Fusion Builder, Wordpress | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. | ||||
| CVE-2023-39306 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1. | ||||
| CVE-2023-39310 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. | ||||
| CVE-2023-32238 | 3 Codexthemes, Elementor, Wordpress | 3 Thegem, Elementor, Wordpress | 2026-04-28 | 5.4 Medium |
| Vulnerability in CodexThemes TheGem (Elementor), CodexThemes TheGem (WPBakery).This issue affects TheGem (Elementor): from n/a before 5.8.1.1; TheGem (WPBakery): from n/a before 5.8.1.1. | ||||
| CVE-2023-31234 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 6.3 Medium |
| Missing Authorization vulnerability in Tilda Publishing.This issue affects Tilda Publishing: from n/a through 0.3.23. | ||||
| CVE-2023-30480 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in Sparkle WP Educenter.This issue affects Educenter: from n/a through 1.5.5. | ||||
| CVE-2023-28787 | 2 Expresstech, Wordpress | 2 Quiz And Survey Master, Wordpress | 2026-04-28 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.4. | ||||
| CVE-2023-28687 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through <= 1.1.4; Fascinate: from n/a through 1.0.8; Cream Blog: from n/a through 2.1.3; Cream Magazine: from n/a through 2.1.4. | ||||
| CVE-2023-27630 | 2 Peepso, Wordpress | 2 Community By Peepso, Wordpress | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PeepSo Community by PeepSo.This issue affects Community by PeepSo: from n/a through 6.0.9.0. | ||||
| CVE-2023-27440 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.2 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in OnTheGoSystems Types.This issue affects Types: from n/a through 3.4.17. | ||||
| CVE-2023-26540 | 2 Favethemes, Wordpress | 2 Houzez, Wordpress | 2026-04-28 | 9.8 Critical |
| Improper Privilege Management vulnerability in Favethemes Houzez allows Privilege Escalation.This issue affects Houzez: from n/a through 2.7.1. | ||||
| CVE-2023-25965 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.9 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in mbbhatti Upload Resume.This issue affects Upload Resume: from n/a through 1.2.0. | ||||
| CVE-2023-25790 | 2 Wordpress, Xtemos | 2 Wordpress, Woodmart | 2026-04-28 | 5.3 Medium |
| Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtemos WoodMart allows Cross-Site Scripting (XSS).This issue affects WoodMart: from n/a through 7.0.4. | ||||
| CVE-2023-25701 | 2 Watchtowerhq, Wordpress | 2 Watchtower, Wordpress | 2026-04-28 | 9.8 Critical |
| Improper Privilege Management vulnerability in WhatArmy WatchTowerHQ allows Privilege Escalation.This issue affects WatchTowerHQ: from n/a through 3.6.16. | ||||