Export limit exceeded: 340865 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (340865 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-33268 | 1 Nanoleaf | 1 Lines | 2026-03-26 | 6.5 Medium |
| Nanoleaf Lines 12.3.2 does not authenticate firmware file uploads. A remote, unauthenticated attacker can upload firmware files on the device and consume storage resources. Fixed in 12.3.6. | ||||
| CVE-2026-22448 | 2 Flexcubed, Wordpress | 2 Pitchprint, Wordpress | 2026-03-26 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in flexcubed PitchPrint pitchprint allows Path Traversal.This issue affects PitchPrint: from n/a through <= 11.1.2. | ||||
| CVE-2026-23806 | 2 Blueglass Interactive Ag, Wordpress | 2 Jobs For Wordpress, Wordpress | 2026-03-26 | N/A |
| Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through <= 2.8. | ||||
| CVE-2026-23971 | 2 Wordpress, Xtemos | 2 Wordpress, Woodmart | 2026-03-26 | N/A |
| Deserialization of Untrusted Data vulnerability in xtemos WoodMart woodmart allows Object Injection.This issue affects WoodMart: from n/a through <= 8.3.8. | ||||
| CVE-2026-24362 | 2 Bdthemes, Wordpress | 2 Ultimate Post Kit, Wordpress | 2026-03-26 | N/A |
| Missing Authorization vulnerability in bdthemes Ultimate Post Kit ultimate-post-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Post Kit: from n/a through <= 4.0.21. | ||||
| CVE-2026-24373 | 2 Metagauss, Wordpress | 2 Registrationmagic, Wordpress | 2026-03-26 | N/A |
| Incorrect Privilege Assignment vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Privilege Escalation.This issue affects RegistrationMagic: from n/a through <= 6.0.7.1. | ||||
| CVE-2026-24968 | 2 Wordpress, Xagio | 2 Wordpress, Xagio Seo | 2026-03-26 | N/A |
| Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xagio-seo allows Privilege Escalation.This issue affects Xagio SEO: from n/a through <= 7.1.0.30. | ||||
| CVE-2026-24970 | 2 Designingmedia, Wordpress | 2 Energox, Wordpress | 2026-03-26 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in designingmedia Energox energox allows Path Traversal.This issue affects Energox: from n/a through <= 1.2. | ||||
| CVE-2026-25026 | 2 Radiustheme, Wordpress | 2 Team, Wordpress | 2026-03-26 | N/A |
| Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.11. | ||||
| CVE-2026-25309 | 2 Publishpress, Wordpress | 2 Publishpress Authors, Wordpress | 2026-03-26 | N/A |
| Missing Authorization vulnerability in PublishPress PublishPress Authors publishpress-authors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PublishPress Authors: from n/a through <= 4.10.1. | ||||
| CVE-2026-25334 | 2 Wordpress, Wordpresschef | 2 Wordpress, Salon Booking System Pro | 2026-03-26 | N/A |
| Incorrect Privilege Assignment vulnerability in wordpresschef Salon Booking System Pro salon-booking-plugin-pro allows Privilege Escalation.This issue affects Salon Booking System Pro: from n/a through < 10.30.12. | ||||
| CVE-2026-25345 | 2 Gallerycreator, Wordpress | 2 Simply Gallery, Wordpress | 2026-03-26 | N/A |
| Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SimpLy Gallery: from n/a through <= 3.3.2. | ||||
| CVE-2026-25371 | 2 King-theme, Wordpress | 2 Lumise Product Designer, Wordpress | 2026-03-26 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in King-Theme Lumise Product Designer lumise allows Blind SQL Injection.This issue affects Lumise Product Designer: from n/a through < 2.0.9. | ||||
| CVE-2026-25396 | 2 Coderpress, Wordpress | 2 Commerce Coinbase For Woocommerce, Wordpress | 2026-03-26 | N/A |
| Missing Authorization vulnerability in CoderPress Commerce Coinbase For WooCommerce commerce-coinbase-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Commerce Coinbase For WooCommerce: from n/a through <= 1.6.6. | ||||
| CVE-2026-25401 | 2 Arni Cinco, Wordpress | 2 Wpcargo Track & Trace, Wordpress | 2026-03-26 | N/A |
| Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through <= 8.0.2. | ||||
| CVE-2026-25413 | 2 Iqonicdesign, Wordpress | 2 Wpbookit Pro, Wordpress | 2026-03-26 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Using Malicious Files.This issue affects WPBookit Pro: from n/a through <= 1.6.18. | ||||
| CVE-2026-25447 | 2 Jonathan Daggerhart, Wordpress | 2 Widget Wrangler, Wordpress | 2026-03-26 | 9.1 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a through <= 2.3.9. | ||||
| CVE-2026-25460 | 2 Liquidthemes, Wordpress | 2 Ave Core, Wordpress | 2026-03-26 | N/A |
| Missing Authorization vulnerability in LiquidThemes Ave Core ave-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ave Core: from n/a through <= 2.9.1. | ||||
| CVE-2026-27044 | 2 Totalsuite, Wordpress | 2 Total Poll Lite, Wordpress | 2026-03-26 | 9.9 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Remote Code Inclusion.This issue affects Total Poll Lite: from n/a through <= 4.12.0. | ||||
| CVE-2026-27051 | 2 Uxper, Wordpress | 2 Golo, Wordpress | 2026-03-26 | N/A |
| Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through <= 1.7.0. | ||||