Search Results (11819 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-32337 2 Rarathemes, Wordpress 2 Preschool And Kindergarten, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Preschool and Kindergarten preschool-and-kindergarten allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Preschool and Kindergarten: from n/a through <= 1.2.5.
CVE-2026-32338 2 Rarathemes, Wordpress 2 Construction Landing Page, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Construction Landing Page construction-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Construction Landing Page: from n/a through <= 1.4.1.
CVE-2026-32339 2 Raratheme, Wordpress 2 Bakes And Cakes, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Bakes And Cakes bakes-and-cakes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bakes And Cakes: from n/a through <= 1.2.9.
CVE-2026-32543 2 Cyberchimps, Wordpress 2 Responsive Blocks, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in CyberChimps Responsive Blocks responsive-block-editor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Blocks: from n/a through <= 2.2.0.
CVE-2026-32457 2 Wombat Plugins, Wordpress 2 Advanced Product Fields Product Addons For Woocommerce, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in Wombat Plugins Advanced Product Fields (Product Addons) for WooCommerce advanced-product-fields-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Product Fields (Product Addons) for WooCommerce: from n/a through <= 1.6.18.
CVE-2026-32336 2 Rarathemes, Wordpress 2 Rara Business, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Rara Business rara-business allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rara Business: from n/a through <= 1.3.0.
CVE-2026-32428 2 Ays-pro, Wordpress 2 Popup Like Box, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through <= 3.7.7.
CVE-2026-32447 2 Vito Peleg, Wordpress 2 Atarim, Wordpress 2026-04-22 4.3 Medium
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through <= 4.3.2.
CVE-2026-32439 2 Webgeniuslab, Wordpress 2 Bighearts, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in WebGeniusLab BigHearts bighearts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BigHearts: from n/a through <= 3.1.14.
CVE-2026-32329 2 Ays Pro, Wordpress 2 Advanced Related Posts, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in Ays Pro Advanced Related Posts advanced-related-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Related Posts: from n/a through <= 1.9.1.
CVE-2026-1948 2 Webaways, Wordpress 2 Nex-forms-ultimate-forms-plugin, Wordpress 2026-04-22 4.3 Medium
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivate_license() function in all versions up to, and including, 9.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to to deactivate the plugin license.
CVE-2026-32452 2 Themefusion, Wordpress 2 Fusion Builder, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-32370 2 Raratheme, Wordpress 2 Influencer, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Influencer influencer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Influencer: from n/a through <= 1.1.7.
CVE-2026-32363 2 Funlus Oy, Wordpress 2 Wplifecycle, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in Funlus Oy WPLifeCycle free-php-version-info allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLifeCycle: from n/a through <= 3.3.1.
CVE-2026-32378 2 Rarathemes, Wordpress 2 Book Landing Page, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Book Landing Page book-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Landing Page: from n/a through <= 1.2.7.
CVE-2026-32340 2 Rarathemes, Wordpress 2 Business One Page, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Business One Page business-one-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business One Page: from n/a through <= 1.3.2.
CVE-2026-32486 2 Wordpress, Wptravelengine 2 Wordpress, Travel Booking 2026-04-22 5.3 Medium
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through <= 1.3.9.
CVE-2026-32373 2 Cozyvision, Wordpress 2 Sms Alert Order Notifications, Wordpress 2026-04-22 5.4 Medium
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through <= 3.9.0.
CVE-2026-32432 2 Codepeople, Wordpress 2 Wp Time Slots Booking Form, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through <= 1.2.42.
CVE-2026-32425 2 Linknacional, Wordpress 2 Payment Gateway Pix For Givewp, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in linknacional Payment Gateway Pix For GiveWP payment-gateway-pix-for-givewp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Pix For GiveWP: from n/a through <= 2.2.3.