Export limit exceeded: 347031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347031 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-41796 | 1 Sunshinephotocart | 1 Sunshine Photo Cart | 2026-04-28 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Galleries for Photographers: from n/a before 3.0.0. | ||||
| CVE-2023-41735 | 1 Gopiplus | 1 Email Posts To Subscribers | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email posts to subscribers.This issue affects Email posts to subscribers: from n/a through 6.2. | ||||
| CVE-2023-41728 | 1 Rescuethemes | 1 Rescue Shortcodes | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rescue Themes Rescue Shortcodes allows Stored XSS.This issue affects Rescue Shortcodes: from n/a through 2.5. | ||||
| CVE-2023-41690 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.3 Medium |
| Missing Authorization vulnerability in Wiser Notify WiserNotify Social Proof allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserNotify Social Proof: from n/a through 2.5. | ||||
| CVE-2023-41729 | 1 Pressified | 1 Sendpress | 2026-04-28 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions. | ||||
| CVE-2023-41689 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in Koen Reus Post to Google My Business (Google Business Profile) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post to Google My Business (Google Business Profile): from n/a through 3.1.14. | ||||
| CVE-2023-41688 | 2026-04-28 | 5.4 Medium | ||
| Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 1.5. | ||||
| CVE-2023-41685 | 1 Ilghera | 1 Woocommerce Support System | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ilGhera Woocommerce Support System allows SQL Injection.This issue affects Woocommerce Support System: from n/a through 1.2.1. | ||||
| CVE-2023-41686 | 2 Ilghera, Wordpress | 2 Woocommerce Support System, Wordpress | 2026-04-28 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ilGhera Woocommerce Support System allows Cross Site Request Forgery.This issue affects Woocommerce Support System: from n/a through 1.2.2. | ||||
| CVE-2023-41683 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in Pechenki TelSender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TelSender: from n/a through 1.14.11. | ||||
| CVE-2023-41664 | 2026-04-28 | 6.5 Medium | ||
| Missing Authorization vulnerability in AlphaBPO Easy Newsletter Signups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Newsletter Signups: from n/a through 1.0.4. | ||||
| CVE-2023-41651 | 2026-04-28 | 6.5 Medium | ||
| Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag Map: from n/a through 17.0.26. | ||||
| CVE-2023-41648 | 1 Swapnilpatil | 1 Login And Logout Redirect | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Swapnil V. Patil Login and Logout Redirect.This issue affects Login and Logout Redirect: from n/a through 2.0.3. | ||||
| CVE-2023-41239 | 1 Blubrry | 1 Powerpress | 2026-04-28 | 6.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry.This issue affects PowerPress Podcasting plugin by Blubrry: from n/a through 11.0.6. | ||||
| CVE-2023-41652 | 1 Carrcommunications | 1 Rsvpmaker | 2026-04-28 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 10.6.6. | ||||
| CVE-2023-41136 | 1 Ohmybox | 1 Simple Long Form | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Laurence/OhMyBox.Info Simple Long Form allows Stored XSS.This issue affects Simple Long Form: from n/a through 2.2.2. | ||||
| CVE-2023-41133 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.3 Medium |
| Authentication Bypass by Spoofing vulnerability in Michal Novák Secure Admin IP allows Functionality Bypass.This issue affects Secure Admin IP: from n/a through 2.0. | ||||
| CVE-2023-41649 | 2026-04-28 | 6.5 Medium | ||
| Missing Authorization vulnerability in Ovic Team Ovic Product Bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ovic Product Bundle: from n/a through 1.1.2. | ||||
| CVE-2023-41129 | 1 Patreon | 1 Patreon Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Patreon Patreon WordPress.This issue affects Patreon WordPress: from n/a through 1.8.6. | ||||
| CVE-2023-41132 | 2026-04-28 | 4.3 Medium | ||
| Missing Authorization vulnerability in ShapedPlugin LLC Category Slider for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Category Slider for WooCommerce: from n/a through 1.4.15. | ||||