Export limit exceeded: 347280 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347280 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40662 | 1 Followmedarling | 1 Cookies And Content Security Policy | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jonk @ Follow me Darling Cookies and Content Security Policy.This issue affects Cookies and Content Security Policy: from n/a through 2.15. | ||||
| CVE-2023-40606 | 1 Kanbanwp | 1 Kanban Boards For Wordpress | 2026-04-28 | 9.1 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Kanban for WordPress Kanban Boards for WordPress.This issue affects Kanban Boards for WordPress: from n/a through 2.5.21. | ||||
| CVE-2023-40602 | 1 Doofinder | 1 Doofinder | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 1.5.49. | ||||
| CVE-2023-40555 | 1 Uxthemes | 1 Flatsome | 2026-04-28 | 8.3 High |
| Deserialization of Untrusted Data vulnerability in UX-themes Flatsome | Multi-Purpose Responsive WooCommerce Theme.This issue affects Flatsome | Multi-Purpose Responsive WooCommerce Theme: from n/a through 3.17.5. | ||||
| CVE-2023-40335 | 1 Cyberws | 1 Cleverwise Daily Quotes | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Jeremy O'Connell Cleverwise Daily Quotes allows Stored XSS.This issue affects Cleverwise Daily Quotes: from n/a through 3.2. | ||||
| CVE-2023-40211 | 1 Pickplugins | 1 Post Grid Combo | 2026-04-28 | 7.5 High |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50. | ||||
| CVE-2023-40332 | 1 Lesterchan | 1 Wp-postratings | 2026-04-28 | 5.3 Medium |
| Improper Control of Interaction Frequency vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Functionality Misuse.This issue affects WP-PostRatings: from n/a through 1.91. | ||||
| CVE-2023-40204 | 1 Premio | 1 Folders | 2026-04-28 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Premio Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager.This issue affects Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager: from n/a through 2.9.2. | ||||
| CVE-2023-40010 | 1 Pluginus | 1 Husky - Products Filter Professional For Woocommerce | 2026-04-28 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in realmag777 HUSKY – Products Filter for WooCommerce Professional.This issue affects HUSKY – Products Filter for WooCommerce Professional: from n/a through 1.3.4.2. | ||||
| CVE-2023-40000 | 1 Litespeedtech | 1 Litespeed Cache | 2026-04-28 | 8.3 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7. | ||||
| CVE-2023-39926 | 1 Acurax | 1 Under Construction \/ Maintenance Mode | 2026-04-28 | 7.1 High |
| Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Acurax Under Construction / Maintenance Mode from Acurax plugin <= 2.6 versions. | ||||
| CVE-2023-39921 | 1 Amitzy | 1 Molongui | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui allows Stored XSS.This issue affects Author Box, Guest Author and Co-Authors for Your Posts – Molongui: from n/a through 4.6.19. | ||||
| CVE-2023-39309 | 2 Avada, Wordpress | 2 Fusion Builder, Wordpress | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. | ||||
| CVE-2023-39313 | 1 Theme-fusion | 1 Avada | 2026-04-28 | 7.7 High |
| Server-Side Request Forgery (SSRF) vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1. | ||||
| CVE-2023-39163 | 1 Averta | 1 Phlox Shop | 2026-04-28 | 8.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Averta Phlox Shop allows PHP Local File Inclusion.This issue affects Phlox Shop: from n/a through 2.0.0. | ||||
| CVE-2023-39311 | 1 Avada | 1 Fusion Builder | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. | ||||
| CVE-2023-39166 | 1 Tagdiv | 1 Tagdiv Composer | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in tagDiv tagDiv Composer allows Cross-Site Scripting (XSS).This issue affects tagDiv Composer: from n/a before 4.4. | ||||
| CVE-2023-39306 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1. | ||||
| CVE-2023-39310 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. | ||||
| CVE-2023-39307 | 1 Theme-fusion | 1 Avada | 2026-04-28 | 8.5 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1. | ||||