Export limit exceeded: 347362 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347362 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28786 | 1 Solidwp | 1 Solid Security | 2026-04-28 | 3.7 Low |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SolidWP Solid Security – Password, Two Factor Authentication, and Brute Force Protection.This issue affects Solid Security – Password, Two Factor Authentication, and Brute Force Protection: from n/a through 8.1.4. | ||||
| CVE-2023-28788 | 1 Pagevisitcounter | 1 Advanced Page Visit Counter | 2026-04-28 | 7.1 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 6.4.2. | ||||
| CVE-2023-28782 | 1 Gravityforms | 1 Gravity Forms | 2026-04-28 | 8.3 High |
| Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. Gravity Forms.This issue affects Gravity Forms: from n/a through 2.7.3. | ||||
| CVE-2023-28787 | 2 Expresstech, Wordpress | 2 Quiz And Survey Master, Wordpress | 2026-04-28 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.4. | ||||
| CVE-2023-28780 | 1 Yoast | 1 Yoast Local Seo | 2026-04-28 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Yoast Yoast Local Premium.This issue affects Yoast Local Premium: from n/a through 14.8. | ||||
| CVE-2023-28694 | 1 Wbcomdesigns | 1 Buddypress Activity Social Share | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Wbcom Designs Wbcom Designs – BuddyPress Activity Social Share plugin <= 3.5.0 versions. | ||||
| CVE-2023-28747 | 1 Codeboxr | 1 Cbx Currency Converter | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in codeboxr CBX Currency Converter plugin <= 3.0.3 versions. | ||||
| CVE-2023-28687 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through <= 1.1.4; Fascinate: from n/a through 1.0.8; Cream Blog: from n/a through 2.1.3; Cream Magazine: from n/a through 2.1.4. | ||||
| CVE-2023-28621 | 1 Wishfulthemes | 2 Raise Mag, Wishful Blog | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wishfulthemes Raise Mag, Wishfulthemes Wishful Blog themes allows Reflected XSS.This issue affects Raise Mag: from n/a through 1.0.7; Wishful Blog: from n/a through 2.0.1. | ||||
| CVE-2023-28491 | 1 Tribulant | 1 Slideshow Gallery | 2026-04-28 | 6.7 Medium |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE.This issue affects Slideshow Gallery LITE: from n/a through 1.7.6. | ||||
| CVE-2023-28421 | 1 Winwar | 1 Wp Email Capture | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin – WP Email Capture.This issue affects WordPress Email Marketing Plugin – WP Email Capture: from n/a through 3.10. | ||||
| CVE-2023-28418 | 1 Mediciti Lite Project | 1 Mediciti Lite | 2026-04-28 | 7.1 High |
| Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Yudlee themes Mediciti Lite theme <= 1.3.0 versions. | ||||
| CVE-2023-28170 | 1 Themely | 1 Theme Demo Import | 2026-04-28 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Themely Theme Demo Import.This issue affects Theme Demo Import: from n/a through 1.1.1. | ||||
| CVE-2023-27627 | 1 Eggemplo | 1 Woocommerce Email Report | 2026-04-28 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in eggemplo Woocommerce Email Report plugin <= 2.4 versions. | ||||
| CVE-2023-27630 | 2 Peepso, Wordpress | 2 Community By Peepso, Wordpress | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PeepSo Community by PeepSo.This issue affects Community by PeepSo: from n/a through 6.0.9.0. | ||||
| CVE-2023-27632 | 1 Mmrs151 | 1 Daily Prayer Time | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.03.08 versions. | ||||
| CVE-2023-27607 | 2026-04-28 | 5.4 Medium | ||
| Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce.This issue affects Points and Rewards for WooCommerce: from n/a through 1.5.0. | ||||
| CVE-2023-27608 | 1 Wpswings | 1 Points And Rewards For Woocommerce | 2026-04-28 | 6.5 Medium |
| Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce.This issue affects Points and Rewards for WooCommerce: from n/a through 1.5.0. | ||||
| CVE-2023-27440 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.2 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in OnTheGoSystems Types.This issue affects Types: from n/a through 3.4.17. | ||||
| CVE-2023-27447 | 1 Veronalabs | 1 Wp Sms | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in VeronaLabs WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc.This issue affects WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc: from n/a through 6.0.4. | ||||