Export limit exceeded: 346866 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346866 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67562 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in WebCodingPlace Image Caption Hover Pro image-caption-hover-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Caption Hover Pro: from n/a through < 20.0. | ||||
| CVE-2025-67561 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in Oleksandr Lysyi Debug Log Viewer debug-log-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Debug Log Viewer: from n/a through <= 2.0.3. | ||||
| CVE-2025-67560 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in Webilia Inc. Listdom listdom allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listdom: from n/a through <= 5.0.1. | ||||
| CVE-2025-67559 | 2 Vcita, Wordpress | 3 Online Booking & Scheduling Calendar For Wordpress By Vcita, Online Booking \& Scheduling Calendar, Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through <= 4.5.5. | ||||
| CVE-2025-67558 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacques Malgrange Rencontre rencontre allows Stored XSS.This issue affects Rencontre: from n/a through <= 3.13.7. | ||||
| CVE-2025-67557 | 2 Rhys Wynne, Wordpress | 2 Wp Ebay Product Feeds, Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rhys Wynne WP eBay Product Feeds ebay-feeds-for-wordpress allows Stored XSS.This issue affects WP eBay Product Feeds: from n/a through <= 3.4.9. | ||||
| CVE-2025-67555 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in useStrict UseStrict's Calendly Embedder cal-embedder-lite allows Stored XSS.This issue affects UseStrict's Calendly Embedder: from n/a through <= 1.1.7.2. | ||||
| CVE-2025-67548 | 2 Wordpress, Wpdelicious | 2 Wordpress, Wp Delicious | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delicious: from n/a through <= 1.9.1. | ||||
| CVE-2025-67541 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lester Chan WP-ShowHide wp-showhide allows Stored XSS.This issue affects WP-ShowHide: from n/a through <= 1.05. | ||||
| CVE-2025-67534 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Jacques Malgrange Rencontre rencontre allows Stored XSS.This issue affects Rencontre: from n/a through <= 3.13.7. | ||||
| CVE-2025-67533 | 2 Themify, Wordpress | 2 Portfolio Post, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Portfolio Post themify-portfolio-post allows Stored XSS.This issue affects Themify Portfolio Post: from n/a through <= 1.3.0. | ||||
| CVE-2025-67528 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through <= 2.5.12. | ||||
| CVE-2025-67527 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in trippleS Digiqole digiqole allows PHP Local File Inclusion.This issue affects Digiqole: from n/a through < 2.2.7. | ||||
| CVE-2025-67526 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress Sailing sailing allows PHP Local File Inclusion.This issue affects Sailing: from n/a through < 4.4.6. | ||||
| CVE-2025-67525 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Opal_WP ekommart ekommart allows PHP Local File Inclusion.This issue affects ekommart: from n/a through < 4.3.1. | ||||
| CVE-2025-67524 | 3 Elementor, Nootheme, Wordpress | 3 Elementor, Jobmonster, Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through <= 1.1.4. | ||||
| CVE-2025-67523 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in trippleS Exhibz exhibz allows PHP Local File Inclusion.This issue affects Exhibz: from n/a through <= 3.0.9. | ||||
| CVE-2025-67522 | 2 Nootheme, Wordpress | 2 Jobmonster, Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NooTheme Jobmonster noo-jobmonster allows PHP Local File Inclusion.This issue affects Jobmonster: from n/a through <= 4.8.2. | ||||
| CVE-2025-67521 | 2 Select-themes, Wordpress | 2 Select Core, Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Select Core select-core allows PHP Local File Inclusion.This issue affects Select Core: from n/a through < 2.6. | ||||
| CVE-2025-67468 | 2 Crmperks, Wordpress | 2 Integration For Salesforce And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms cf7-salesforce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms: from n/a through <= 1.4.6. | ||||