Export limit exceeded: 347031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347031 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-29422 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamics 365 Integration: from n/a through 1.3.13. | ||||
| CVE-2023-29432 | 1 Favethemes | 1 Houzez | 2026-04-28 | 8.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Favethemes Houzez - Real Estate WordPress Theme.This issue affects Houzez - Real Estate WordPress Theme: from n/a before 2.8.3. | ||||
| CVE-2023-29431 | 2026-04-28 | 4.3 Medium | ||
| Missing Authorization vulnerability in OntheGoSystems qTranslate X Cleanup and WPML Import allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects qTranslate X Cleanup and WPML Import: from n/a through 3.0.1. | ||||
| CVE-2023-29386 | 2026-04-28 | 9.1 Critical | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in Julien Crego Manager for Icomoon.This issue affects Manager for Icomoon: from n/a through 2.0. | ||||
| CVE-2023-29426 | 1 Spreadshop | 1 Spreadshop | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Robert Schulz (sprd.Net AG) Spreadshop plugin <= 1.6.5 versions. | ||||
| CVE-2023-29429 | 1 Wpeverest | 1 User Registration | 2026-04-28 | 5.3 Medium |
| Missing Authorization vulnerability in WPEverest User Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Registration: from n/a through 2.3.2.1. | ||||
| CVE-2023-29239 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LuckyWP Scripts Control: from n/a through 1.2.1. | ||||
| CVE-2023-29384 | 1 Hmplugin | 1 Jobwp | 2026-04-28 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.0. | ||||
| CVE-2023-29235 | 1 Fugu | 1 Maintenance Switch | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Fugu Maintenance Switch plugin <= 1.5.2 versions. | ||||
| CVE-2023-29173 | 1 Awesometogi | 1 Product Category Tree | 2026-04-28 | 5.3 Medium |
| Missing Authorization vulnerability in AWESOME TOGI Product Category Tree allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Category Tree: from n/a through 2.5. | ||||
| CVE-2023-29237 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 6.3 Medium |
| Missing Authorization vulnerability in Muhammad Rehman Remove Duplicate Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Remove Duplicate Posts: from n/a through 1.3.5. | ||||
| CVE-2023-29102 | 1 Olivethemes | 1 Olive One Click Demo Import | 2026-04-28 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | ||||
| CVE-2023-29096 | 1 Bestwebsoft | 1 Contact Form To Db | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress.This issue affects Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress: from n/a through 1.7.0. | ||||
| CVE-2023-28990 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in HashThemes Viral Mag allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Mag: from n/a through 1.0.9. | ||||
| CVE-2023-28786 | 1 Solidwp | 1 Solid Security | 2026-04-28 | 3.7 Low |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SolidWP Solid Security – Password, Two Factor Authentication, and Brute Force Protection.This issue affects Solid Security – Password, Two Factor Authentication, and Brute Force Protection: from n/a through 8.1.4. | ||||
| CVE-2023-28788 | 1 Pagevisitcounter | 1 Advanced Page Visit Counter | 2026-04-28 | 7.1 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 6.4.2. | ||||
| CVE-2023-28782 | 1 Gravityforms | 1 Gravity Forms | 2026-04-28 | 8.3 High |
| Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. Gravity Forms.This issue affects Gravity Forms: from n/a through 2.7.3. | ||||
| CVE-2023-28787 | 2 Expresstech, Wordpress | 2 Quiz And Survey Master, Wordpress | 2026-04-28 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.4. | ||||
| CVE-2023-28780 | 1 Yoast | 1 Yoast Local Seo | 2026-04-28 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Yoast Yoast Local Premium.This issue affects Yoast Local Premium: from n/a through 14.8. | ||||
| CVE-2023-28777 | 1 Learndash | 1 Learndash | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LearnDash LearnDash LMS allows SQL Injection.This issue affects LearnDash LMS: from n/a through 4.5.3. | ||||