Export limit exceeded: 347007 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347007 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64250 | 2 Wordpress, Wpwax | 2 Wordpress, Directorist | 2026-04-24 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wpWax Directorist directorist allows Phishing.This issue affects Directorist: from n/a through <= 8.6.6. | ||||
| CVE-2025-64251 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 4.9 Medium |
| Missing Authorization vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Learning Pro: from n/a through <= 3.9.3. | ||||
| CVE-2025-64630 | 2 Strategy11, Wordpress | 2 Business Directory Plugin, Wordpress | 2026-04-24 | 4.9 Medium |
| Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through <= 6.4.19. | ||||
| CVE-2025-64631 | 2 Wclovers, Wordpress | 2 Wcfm Marketplace, Wordpress | 2026-04-24 | 4.9 Medium |
| Missing Authorization vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Marketplace: from n/a through <= 3.7.1. | ||||
| CVE-2025-64632 | 2 Auctollo, Wordpress | 2 Google-sitemap-generator, Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in Auctollo Google XML Sitemaps google-sitemap-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google XML Sitemaps: from n/a through <= 4.1.22. | ||||
| CVE-2025-64634 | 2 Theme-fusion, Wordpress | 2 Avada, Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in ThemeFusion Avada avada allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Avada: from n/a through <= 7.13.2. | ||||
| CVE-2025-64635 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in Syed Balkhi Feeds for YouTube feeds-for-youtube allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Feeds for YouTube: from n/a through <= 2.4.0. | ||||
| CVE-2025-64638 | 3 Onpay.io, Woocommerce, Wordpress | 3 For Woocommerce, Woocommerce, Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in OnPay.io OnPay.io for WooCommerce onpay-io-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnPay.io for WooCommerce: from n/a through <= 1.0.47. | ||||
| CVE-2025-64639 | 3 Mainwp, Wordpress, Wp Compress | 3 Mainwp, Wordpress, For Mainwp | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in WP Compress WP Compress for MainWP wp-compress-mainwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress for MainWP: from n/a through <= 6.50.17. | ||||
| CVE-2025-66120 | 2 Catfolders, Wordpress | 2 Catfolders, Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in CatFolders CatFolders catfolders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CatFolders: from n/a through <= 2.5.3. | ||||
| CVE-2025-66121 | 2 Siteground, Wordpress | 2 Siteground Security, Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in SiteGround SiteGround Security sg-security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through <= 1.5.8. | ||||
| CVE-2025-66122 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in Design Stylish Price List stylish-price-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stylish Price List: from n/a through <= 7.2.2. | ||||
| CVE-2025-66124 | 2 Wordpress, Zeen101 | 2 Wordpress, Leaky Paywall | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leaky Paywall: from n/a through <= 4.22.6. | ||||
| CVE-2025-66125 | 2 Nitesh Singh, Wordpress | 2 Ultimate Wordpress Auction Plugin, Wordpress | 2026-04-24 | 5.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in Nitesh Ultimate Auction ultimate-auction allows Retrieve Embedded Sensitive Data.This issue affects Ultimate Auction : from n/a through <= 4.3.3. | ||||
| CVE-2025-66126 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in wowpress.host Fix Media Library wow-media-library-fix allows Retrieve Embedded Sensitive Data.This issue affects Fix Media Library: from n/a through <= 2.0. | ||||
| CVE-2025-66127 | 2 G5theme, Wordpress | 2 Essential Real Estate, Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Real Estate: from n/a through <= 5.3.2. | ||||
| CVE-2025-66130 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in etruel WP Views Counter wpecounter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Views Counter: from n/a through <= 2.1.2. | ||||
| CVE-2025-66131 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through <= 2.2.11. | ||||
| CVE-2025-66132 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in FAPI Business s.r.o. FAPI Member fapi-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FAPI Member: from n/a through <= 2.2.30. | ||||
| CVE-2025-66133 | 2 Wordpress, Wp Legal Pages | 2 Wordpress, Wp Cookie Notice | 2026-04-24 | 5.3 Medium |
| Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through <= 4.0.7. | ||||