Export limit exceeded: 347085 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347085 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347085 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-45636 | 2026-04-29 | 5.4 Medium | ||
| Missing Authorization vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Backup & Migration: from n/a through <= 1.4.1. | ||||
| CVE-2023-44147 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 5.3 Medium |
| Missing Authorization vulnerability in apasionados Comment Blacklist Updater comment-blacklist-updater allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comment Blacklist Updater: from n/a through <= 1.1.0. | ||||
| CVE-2023-46084 | 1 Bplugins | 1 Icons Font Loader | 2026-04-29 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bPlugins LLC Icons Font Loader allows SQL Injection.This issue affects Icons Font Loader: from n/a through 1.1.2. | ||||
| CVE-2023-35911 | 1 Creative-solutions | 1 Contact Form Generator | 2026-04-29 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Creative Solutions Contact Form Generator : Creative form builder for WordPress allows SQL Injection.This issue affects Contact Form Generator : Creative form builder for WordPress: from n/a through 2.6.0. | ||||
| CVE-2023-46195 | 2026-04-29 | 6.5 Medium | ||
| Missing Authorization vulnerability in CoSchedule Headline Analyzer headline-analyzer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Headline Analyzer: from n/a through <= 1.3.1. | ||||
| CVE-2023-45110 | 2026-04-29 | 4.3 Medium | ||
| Missing Authorization vulnerability in boldthemes Bold Timeline Lite bold-timeline-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Timeline Lite: from n/a through <= 1.1.9. | ||||
| CVE-2023-40678 | 2026-04-29 | 5.4 Medium | ||
| Missing Authorization vulnerability in Andrew Fiebert Simple URLs simple-urls allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple URLs: from n/a through <= 117. | ||||
| CVE-2023-45828 | 2026-04-29 | 5.4 Medium | ||
| Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RumbleTalk Live Group Chat: from n/a through <= 6.2.5. | ||||
| CVE-2023-40003 | 1 Wedevs | 1 Wp Project Manager | 2026-04-29 | 6.5 Medium |
| Missing Authorization vulnerability in weDevs WP Project Manager wedevs-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Project Manager: from n/a through <= 2.6.7. | ||||
| CVE-2023-46083 | 2026-04-29 | 5.3 Medium | ||
| Missing Authorization vulnerability in WP Chill Kali Forms kali-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kali Forms: from n/a through <= 2.3.27. | ||||
| CVE-2023-36688 | 1 Idoweb | 1 Simple Site Verify | 2026-04-29 | 4.3 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Mann Simple Site Verify plugin <= 1.0.7 versions. | ||||
| CVE-2023-46082 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 5.3 Medium |
| Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder broken-link-finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Checker | Finder: from n/a through <= 2.4.2. | ||||
| CVE-2023-35037 | 2026-04-29 | 7.6 High | ||
| Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through <= 1.3.2.357. | ||||
| CVE-2023-44142 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 5.4 Medium |
| Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: from n/a through <= 3.2.2. | ||||
| CVE-2023-46073 | 2026-04-29 | 5.3 Medium | ||
| Missing Authorization vulnerability in Mario Peshev DX Delete Attached Media dx-delete-attached-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DX Delete Attached Media: from n/a through <= 2.0.5.1. | ||||
| CVE-2023-45074 | 1 Pagevisitcounter | 1 Advanced Page Visit Counter | 2026-04-29 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows SQL Injection.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 7.1.1. | ||||
| CVE-2023-45069 | 1 Total-soft | 1 Video Gallery | 2026-04-29 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Video Gallery by Total-Soft Video Gallery – Best WordPress YouTube Gallery Plugin allows SQL Injection.This issue affects Video Gallery – Best WordPress YouTube Gallery Plugin: from n/a through 2.1.3. | ||||
| CVE-2023-45104 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Betterlinks | 2026-04-29 | 7.3 High |
| Missing Authorization vulnerability in WPDeveloper BetterLinks betterlinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through <= 1.6.0. | ||||
| CVE-2023-45045 | 2026-04-29 | 5.4 Medium | ||
| Missing Authorization vulnerability in krozero WP Custom Widget area wp-custom-widget-area allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Widget area: from n/a through <= 1.2.5. | ||||
| CVE-2023-45055 | 1 Inspireui | 1 Mstore Api | 2026-04-29 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InspireUI MStore API allows SQL Injection.This issue affects MStore API: from n/a through 4.0.6. | ||||