Export limit exceeded: 345004 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10478 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-11742 | 2 Wordpress, Wpclever | 2 Wordpress, Wpc Smart Wishlist For Woocommerce | 2026-04-15 | 4.3 Medium |
| The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wishlist_quickview' AJAX action in all versions up to, and including, 5.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user's wishlist data and information. | ||||
| CVE-2023-37984 | 2 Expresstech, Wordpress | 2 Quiz And Survey Master, Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in ExpressTech Quiz And Survey Master allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through 8.1.10. | ||||
| CVE-2024-11851 | 2 Nitropack, Wordpress | 2 Nitropack, Wordpress | 2026-04-15 | 4.3 Medium |
| The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the nitropack_rml_notification function in all versions up to, and including, 1.17.0. This makes it possible for authenticated attackers, with subscriber access or higher, to update arbitrary transients. Note, that these transients can only be updated to integers and not arbitrary values. | ||||
| CVE-2024-33920 | 2026-04-15 | 5.3 Medium | ||
| Missing Authorization vulnerability in Kama Democracy Poll.This issue affects Democracy Poll: from n/a through 6.0.3. | ||||
| CVE-2024-54402 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Mohamed Abd Elhalim Arabic Webfonts arabic-webfonts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Arabic Webfonts: from n/a through <= 1.4.6. | ||||
| CVE-2025-67584 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in rtCamp GoDAM godam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDAM: from n/a through <= 1.4.6. | ||||
| CVE-2023-32519 | 1 Webcodin | 1 Wcp Contact Form | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0. | ||||
| CVE-2025-1404 | 2 Ays-pro, Wordpress | 2 Secure Copy Content Protection And Content Locking, Wordpress | 2026-04-15 | 5.3 Medium |
| The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_sccp_reports_user_search() function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to retrieve a list of registered user emails. | ||||
| CVE-2024-33923 | 2026-04-15 | 6.3 Medium | ||
| Missing Authorization vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from n/a through 4.69. | ||||
| CVE-2024-10580 | 1 Wpmudev | 1 Hustle | 2026-04-15 | 5.3 Medium |
| The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized form submissions due to a missing capability check on the submit_form() function in all versions up to, and including, 7.8.5. This makes it possible for unauthenticated attackers to submit unpublished forms. | ||||
| CVE-2025-12134 | 2 Bdthemes, Wordpress | 2 Zoloblocks, Wordpress | 2026-04-15 | 5.3 Medium |
| The ZoloBlocks – Gutenberg Block Editor Plugin with Advanced Blocks, Dynamic Content, Templates & Patterns plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_popup_status() function in all versions up to, and including, 2.3.11. This makes it possible for unauthenticated attackers to enable/disable popups. | ||||
| CVE-2024-34815 | 2 Codection, Wordpress | 2 Import And Export Users And Customers, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through <= 1.26.5. | ||||
| CVE-2025-62130 | 2 Wordpress, Wpdiscover | 2 Wordpress, Accordion Slider Gallery | 2026-04-15 | N/A |
| Missing Authorization vulnerability in wpdiscover Accordion Slider Gallery accordion-slider-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion Slider Gallery: from n/a through <= 2.7. | ||||
| CVE-2025-39531 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in slazzercom Slazzer Background Changer slazzer-background-changer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Slazzer Background Changer: from n/a through <= 3.14. | ||||
| CVE-2024-33929 | 2 Wordpress, Wpwax | 2 Wordpress, Directorist | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in wpWax Directorist.This issue affects Directorist: from n/a through 7.8.6. | ||||
| CVE-2023-36680 | 2026-04-15 | 5.4 Medium | ||
| Missing Authorization vulnerability in Iulia Cazan Image Regenerate & Select Crop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Regenerate & Select Crop: from n/a through 7.1.0. | ||||
| CVE-2024-33925 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Adrian Mörchen Embed Google Fonts.This issue affects Embed Google Fonts: from n/a through 3.1.0. | ||||
| CVE-2025-48116 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Ashan Perera EventON eventon-lite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects EventON: from n/a through <= 2.4.4. | ||||
| CVE-2023-23716 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in Zendesk Zendesk Support for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zendesk Support for WordPress: from n/a through 1.8.4. | ||||
| CVE-2023-51526 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Brett Shumaker Simple Staff List.This issue affects Simple Staff List: from n/a through 2.2.4. | ||||