Export limit exceeded: 346386 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346386 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346386 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28532 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in listingthemes Real Estate Directory real-estate-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real Estate Directory: from n/a through <= 1.0.5. | ||||
| CVE-2023-28417 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in alexacrm Dynamics 365 Integration integration-dynamics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamics 365 Integration: from n/a through <= 1.3.12. | ||||
| CVE-2023-28416 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in sparklewpthemes Chankhe chankhe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chankhe: from n/a through <= 1.0.5. | ||||
| CVE-2023-28168 | 2026-04-23 | 3.7 Low | ||
| Missing Authorization vulnerability in sant0sk1 WordPress Console wordpress-console allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Console: from n/a through <= 0.3.9. | ||||
| CVE-2023-28165 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Varun Sharma Backup Bank: WordPress Backup Plugin wp-backup-bank allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backup Bank: WordPress Backup Plugin: from n/a through <= 4.0.28. | ||||
| CVE-2023-27626 | 1 Urosevic | 1 Stock Ticker | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in Aleksandar Urošević Stock Ticker stock-ticker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stock Ticker: from n/a through <= 3.23.0. | ||||
| CVE-2023-27625 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Gemini Labs Site Reviews site-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through <= 6.5.0. | ||||
| CVE-2023-27609 | 1 Hyscaler | 1 Wp Roles At Registration | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NetTantra WP Roles at Registration wp-roles-at-registration allows Stored XSS.This issue affects WP Roles at Registration: from n/a through <= 0.23. | ||||
| CVE-2023-27456 | 1 Hashthemes | 1 Total | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in hashthemes Total total allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total: from n/a through <= 2.1.19. | ||||
| CVE-2023-27454 | 2 Apollo13themes, Wordpress | 2 Rife Elementor Extensions & Templates, Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in apollo13themes Rife Elementor Extensions & Templates rife-elementor-extensions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rife Elementor Extensions & Templates: from n/a through <= 1.1.10. | ||||
| CVE-2023-27449 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.3 Medium |
| Missing Authorization vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through <= 4.8.6. | ||||
| CVE-2023-27428 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in DamirCalusic WP users media wp-users-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through <= 4.2.3. | ||||
| CVE-2023-26522 | 1 Onewebsite | 1 Wp Repost | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in OneWebsite WP Repost wp-repost allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Repost: from n/a through <= 0.1. | ||||
| CVE-2023-26520 | 1 Advanced Text Widget Project | 1 Advanced Text Widget | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in Max Chirkov Advanced Text Widget advanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Text Widget : from n/a through <= 2.1.2. | ||||
| CVE-2023-26005 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Fitrush bw-fitrush allows PHP Local File Inclusion.This issue affects Fitrush: from n/a through <= 1.3.4. | ||||
| CVE-2023-26003 | 2026-04-23 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vipul Jariwala WP Post Corrector wp-post-corrector allows SQL Injection.This issue affects WP Post Corrector: from n/a through <= 1.0.2. | ||||
| CVE-2023-26002 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 6Storage Rentals: from n/a through <= 2.22.0. | ||||
| CVE-2023-26001 | 2026-04-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marchetti Design Next Event Calendar next-event-calendar allows Stored XSS.This issue affects Next Event Calendar: from n/a through <= 1.2. | ||||
| CVE-2023-26000 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hanhdo205 Bang tinh vay bang-tinh-lai-suat allows Stored XSS.This issue affects Bang tinh vay: from n/a through <= 1.0.1. | ||||
| CVE-2023-25999 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme BodyCenter - Gym, Fitness WooCommerce WordPress Theme bodycenter allows PHP Local File Inclusion.This issue affects BodyCenter - Gym, Fitness WooCommerce WordPress Theme: from n/a through <= 2.4. | ||||