Search

Expected end of text, found ':' (at char 6), (line:1, col:7)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347158 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-23992 1 Automatorwp 1 Automatorwp 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete.
CVE-2023-23985 2 Ays-pro, Wordpress 2 Quiz Maker, Wordpress 2026-04-28 3.7 Low
Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4.
CVE-2023-23984 1 Wow-company 1 Bubble Menu 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu plugin <= 3.0.1 leading to form deletion.
CVE-2023-23970 1 Woorockets 1 Corsa 2026-04-28 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in WooRockets Corsa.This issue affects Corsa: from n/a through 1.5.
CVE-2023-23974 1 Fullworksplugins 1 Quick Event Manager 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update).
CVE-2023-23976 1 Metagauss 1 Registrationmagic 2026-04-28 7.5 High
Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.1.9.2.
CVE-2023-23896 1 Mythemeshop 1 Url Shortener 2026-04-28 5.4 Medium
Missing Authorization vulnerability in MyThemeShop URL Shortener by MyThemeShop.This issue affects URL Shortener by MyThemeShop: from n/a through 1.0.17.
CVE-2023-23882 1 Brainstormforce 1 Ultimate Addons For Beaver Builder 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a through 1.5.5.
CVE-2023-23800 1 Getshortcodes 1 Shortcodes Ultimate 2026-04-28 7.1 High
Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin — Shortcodes Ultimate.This issue affects WP Shortcodes Plugin — Shortcodes Ultimate: from n/a through 5.12.6.
CVE-2023-23684 1 Wpengine 1 Wpgraphql 2026-04-28 4.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in WPGraphQL.This issue affects WPGraphQL: from n/a through 1.14.5.
CVE-2023-23679 1 Jshelpdesk 1 Jshelpdesk 2026-04-28 4.6 Medium
Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk: from n/a through 2.7.7.
CVE-2023-23656 2026-04-28 10 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in MainWP MainWP File Uploader Extension.This issue affects MainWP File Uploader Extension: from n/a through 4.1.
CVE-2023-23649 2026-04-28 8.1 High
Deserialization of Untrusted Data vulnerability in MainWP MainWP Links Manager Extension.This issue affects MainWP Links Manager Extension: from n/a through 2.1.
CVE-2023-22699 1 Mainwp 1 Mainwp Wordfence Extension 2026-04-28 5.4 Medium
Missing Authorization vulnerability in MainWP MainWP Wordfence Extension.This issue affects MainWP Wordfence Extension: from n/a through 4.0.7.
CVE-2023-22689 1 Flamescorpion 1 Auto Affiliate Links 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions.
CVE-2023-22677 1 Binarystash 1 Wp Booklet 2026-04-28 8.5 High
Improper Control of Generation of Code ('Code Injection') vulnerability in BinaryStash WP Booklet.This issue affects WP Booklet: from n/a through 2.1.8.
CVE-2023-22676 1 Andersthorborg 1 Advanced Custom Fields\ 2026-04-28 3.1 Low
Missing Authorization vulnerability in Anders Thorborg.This issue affects Anders Thorborg: from n/a through 1.4.12.
CVE-2023-22674 1 Halgatewood 1 Dashicons \+ Custom Post Types 2026-04-28 5.4 Medium
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Hal Gatewood Dashicons + Custom Post Types.This issue affects Dashicons + Custom Post Types: from n/a through 1.0.2.
CVE-2022-47599 1 Bitapps 1 File Manager 2026-04-28 5.5 Medium
Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager.This issue affects File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager: from n/a through 5.2.7.
CVE-2022-47605 1 Kunalnagar 1 Custom 404 Pro 2026-04-28 8.3 High
Auth. SQL Injection') vulnerability in Kunal Nagar Custom 404 Pro plugin <= 3.7.0 versions.