Export limit exceeded: 10509 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10717 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10717 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6983 | 1 Josevega | 1 Display Custom Fields In The Frontend - Post And User Profile Fields | 2026-04-08 | 4.3 Medium |
| The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.1 via the vg_display_data shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve potentially sensitive post meta. | ||||
| CVE-2023-6897 | 1 Wpfactory | 1 Ean For Woocommerce | 2026-04-08 | 4.3 Medium |
| The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.9.2 via the the 'alg_wc_ean_product_meta' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to expose potentially sensitive post metadata. | ||||
| CVE-2023-6223 | 1 Thimpress | 1 Learnpress | 2026-04-08 | 4.3 Medium |
| The LearnPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.5.7 via the /wp-json/lp/v1/profile/course-tab REST API due to missing validation on the 'userID' user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve the details of another user's course progress. | ||||
| CVE-2023-3105 | 1 Learndash | 1 Learndash | 2026-04-08 | 8.8 High |
| The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for attackers with with existing account access at any level, to change user passwords and potentially take over administrator accounts. | ||||
| CVE-2024-12131 | 1 Wpjobportal | 1 Wp Job Portal | 2026-04-08 | 4.3 Medium |
| The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to submit resumes for other applicants when applying for jobs. | ||||
| CVE-2023-0694 | 1 Wpmet | 1 Metform Elementor Contact Form Builder | 2026-04-08 | 6.5 Medium |
| The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about any standard form field of any form submission. | ||||
| CVE-2023-0693 | 1 Wpmet | 1 Metform Elementor Contact Form Builder | 2026-04-08 | 6.5 Medium |
| The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_transaction_id' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about the transaction ids of arbitrary form submissions that included payment. | ||||
| CVE-2026-1947 | 2 Webaways, Wordpress | 2 Nex-forms-ultimate-forms-plugin, Wordpress | 2026-04-08 | 7.5 High |
| The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 9.1.9 via the submit_nex_form() function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to to overwrite arbitrary form entries via the 'nf_set_entry_update_id' parameter. | ||||
| CVE-2024-8123 | 1 Wpextended | 1 Wp Extended | 2026-04-08 | 5.4 Medium |
| The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.0.8 via the duplicate_post function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and above, to duplicate posts written by other authors including admins. This includes the ability to duplicate password-protected posts, which reveals their contents. | ||||
| CVE-2024-10780 | 2 Nicheaddons, Wordpress | 3 Restaurant & Cafe Addon For Elementor, Restaurant \& Cafe Addon For Elementor, Wordpress | 2026-04-08 | 4.3 Medium |
| The Restaurant & Cafe Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.5.9 via the 'narestaurant_elementor_template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to. | ||||
| CVE-2024-13428 | 1 Wpjobportal | 1 Wp Job Portal | 2026-04-08 | 5.3 Medium |
| The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the deleteCompanyLogo() due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to delete arbitrary company logos. | ||||
| CVE-2025-3811 | 1 Iqonic | 1 Wpbookit | 2026-04-08 | 9.8 Critical |
| The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like email through the edit_newdata_customer_callback() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. | ||||
| CVE-2026-1206 | 2 Elemntor, Wordpress | 2 Elementor Website Builder – More Than Just A Page Builder, Wordpress | 2026-04-08 | 4.3 Medium |
| The Elementor Website Builder plugin for WordPress is vulnerable to Incorrect Authorization to Sensitive Information Exposure in all versions up to, and including, 3.35.7. This is due to a logic error in the is_allowed_to_read_template() function permission check that treats non-published templates as readable without verifying edit capabilities. This makes it possible for authenticated attackers, with contributor-level access and above, to read private or draft Elementor template content via the 'template_id' supplied to the 'get_template_data' action of the 'elementor_ajax' endpoint. | ||||
| CVE-2024-13425 | 1 Wpjobportal | 1 Wp Job Portal | 2026-04-08 | 4.3 Medium |
| The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the enforcedelete() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Employer-level access and above, to delete other users companies. | ||||
| CVE-2024-13888 | 1 Amauri | 1 Wpmobile.app | 2026-04-08 | 7.2 High |
| The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 11.56. This is due to insufficient validation on the redirect URL supplied via the 'redirect' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action. | ||||
| CVE-2024-13794 | 1 Wpplugins | 1 Hide My Wp Ghost | 2026-04-08 | 5.3 Medium |
| The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Login Page Dislcosure in all versions up to, and including, 5.3.02. This is due to the plugin not properly restricting the /wp-register.php path. This makes it possible for unauthenticated attackers to discover the hidden login page location. | ||||
| CVE-2025-4796 | 2 Themewinter, Wordpress | 2 Eventin, Wordpress | 2026-04-08 | 8.8 High |
| The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.34. This is due to the plugin not properly validating a user's identity or capability prior to updating their details like email in the 'Eventin\Speaker\Api\SpeakerController::update_item' function. This makes it possible for unauthenticated attackers with contributor-level and above permissions to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. | ||||
| CVE-2024-13429 | 1 Wpjobportal | 1 Wp Job Portal | 2026-04-08 | 4.3 Medium |
| The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the 'jobenforcedelete' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with employer-level access and above, to delete arbitrary | ||||
| CVE-2024-9862 | 1 Miniorange | 2 Otp Verification, Otp Verification With Firebase | 2026-04-08 | 9.8 Critical |
| The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 3.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources, and the user current password check is missing. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts. | ||||
| CVE-2024-10671 | 2026-04-08 | 4.3 Medium | ||
| The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.4 via the [btn_block] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to. | ||||