Export limit exceeded: 346708 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346708 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346708 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27625 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Gemini Labs Site Reviews site-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through <= 6.5.0. | ||||
| CVE-2023-27609 | 1 Hyscaler | 1 Wp Roles At Registration | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NetTantra WP Roles at Registration wp-roles-at-registration allows Stored XSS.This issue affects WP Roles at Registration: from n/a through <= 0.23. | ||||
| CVE-2023-27456 | 1 Hashthemes | 1 Total | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in hashthemes Total total allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total: from n/a through <= 2.1.19. | ||||
| CVE-2023-27454 | 2 Apollo13themes, Wordpress | 2 Rife Elementor Extensions & Templates, Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in apollo13themes Rife Elementor Extensions & Templates rife-elementor-extensions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rife Elementor Extensions & Templates: from n/a through <= 1.1.10. | ||||
| CVE-2023-27449 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.3 Medium |
| Missing Authorization vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through <= 4.8.6. | ||||
| CVE-2023-27428 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in DamirCalusic WP users media wp-users-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through <= 4.2.3. | ||||
| CVE-2023-26522 | 1 Onewebsite | 1 Wp Repost | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in OneWebsite WP Repost wp-repost allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Repost: from n/a through <= 0.1. | ||||
| CVE-2023-26520 | 1 Advanced Text Widget Project | 1 Advanced Text Widget | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in Max Chirkov Advanced Text Widget advanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Text Widget : from n/a through <= 2.1.2. | ||||
| CVE-2023-26005 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Fitrush bw-fitrush allows PHP Local File Inclusion.This issue affects Fitrush: from n/a through <= 1.3.4. | ||||
| CVE-2023-26003 | 2026-04-23 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vipul Jariwala WP Post Corrector wp-post-corrector allows SQL Injection.This issue affects WP Post Corrector: from n/a through <= 1.0.2. | ||||
| CVE-2023-26002 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 6Storage Rentals: from n/a through <= 2.22.0. | ||||
| CVE-2023-26001 | 2026-04-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marchetti Design Next Event Calendar next-event-calendar allows Stored XSS.This issue affects Next Event Calendar: from n/a through <= 1.2. | ||||
| CVE-2023-26000 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hanhdo205 Bang tinh vay bang-tinh-lai-suat allows Stored XSS.This issue affects Bang tinh vay: from n/a through <= 1.0.1. | ||||
| CVE-2023-25999 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme BodyCenter - Gym, Fitness WooCommerce WordPress Theme bodycenter allows PHP Local File Inclusion.This issue affects BodyCenter - Gym, Fitness WooCommerce WordPress Theme: from n/a through <= 2.4. | ||||
| CVE-2023-25998 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Samex - Clean, Minimal Shop WooCommerce WordPress Theme samex allows PHP Local File Inclusion.This issue affects Samex - Clean, Minimal Shop WooCommerce WordPress Theme: from n/a through <= 2.6. | ||||
| CVE-2023-25997 | 2026-04-23 | 6.5 Medium | ||
| Missing Authorization vulnerability in SolaPlugins Sola Support Ticket sola-support-tickets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sola Support Ticket: from n/a through <= 3.18. | ||||
| CVE-2023-25995 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in choicehomemortgage AI Mortgage Calculator ai-mortgage-calculator allows PHP Local File Inclusion.This issue affects AI Mortgage Calculator: from n/a through <= 1.0.1. | ||||
| CVE-2023-25993 | 2 Webberzone, Wordpress | 2 Top 10, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Ajay Top 10 top-10 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Top 10: from n/a through <= 3.2.3. | ||||
| CVE-2023-25988 | 2026-04-23 | 7.5 High | ||
| Missing Authorization vulnerability in totalsoft Video Gallery – YouTube Gallery gallery-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Gallery – YouTube Gallery: from n/a through <= 1.7.6. | ||||
| CVE-2023-25966 | 1 Ninjateam | 1 Filebird | 2026-04-23 | 5.5 Medium |
| Missing Authorization vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through <= 5.1.4. | ||||