Novo-map\ CVEs and Security Vulnerabilities

Export limit exceeded: 346601 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 29), (line:1, col:30)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346601 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-39672	2 Shiptime, Wordpress	2 Shiptime: Discounted Shipping Rates, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in shiptime ShipTime: Discounted Shipping Rates shiptime-discount-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShipTime: Discounted Shipping Rates: from n/a through <= 1.1.1.
CVE-2026-39678	2 Dotonpaper, Wordpress	2 Pinpoint Booking System, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pinpoint Booking System: from n/a through <= 2.9.9.6.5.
CVE-2026-39680	2 Mwp Development, Wordpress	2 Diet Calorie Calculator, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in MWP Development Diet Calorie Calculator diet-calorie-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Diet Calorie Calculator: from n/a through <= 1.1.1.
CVE-2026-39699	2 Massiveshift, Wordpress	2 Ai Workflow Automation, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in massiveshift AI Workflow Automation ai-workflow-automation-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Workflow Automation: from n/a through <= 1.4.2.
CVE-2026-39684	2 Untheme, Wordpress	2 Organicfood, Wordpress	2026-04-24	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in UnTheme OrganicFood organicfood allows PHP Local File Inclusion.This issue affects OrganicFood: from n/a through <= 3.6.4.
CVE-2026-39685	2 Lvaudore, Wordpress	2 The Moneytizer, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in lvaudore The Moneytizer the-moneytizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Moneytizer: from n/a through <= 10.0.10.
CVE-2026-39692	2 Tagdiv, Wordpress	2 Tagdiv Composer, Wordpress	2026-04-24	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Composer td-composer allows Stored XSS.This issue affects tagDiv Composer: from n/a through <= 5.4.3.
CVE-2026-39693	2 Fesomia, Wordpress	2 Fsm Custom Featured Image Caption, Wordpress	2026-04-24	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fesomia FSM Custom Featured Image Caption fsm-custom-featured-image-caption allows DOM-Based XSS.This issue affects FSM Custom Featured Image Caption: from n/a through <= 1.25.1.
CVE-2026-39695	2 Podigee, Wordpress	2 Podigee, Wordpress	2026-04-24	5.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in podigee Podigee podigee allows Server Side Request Forgery.This issue affects Podigee: from n/a through <= 1.4.0.
CVE-2026-39704	2 Nfusionsolutions, Wordpress	2 Precious Metals Automated Product Pricing – Pro, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in nfusionsolutions Precious Metals Automated Product Pricing – Pro precious-metals-automated-product-pricing-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Precious Metals Automated Product Pricing – Pro: from n/a through <= 4.0.5.
CVE-2026-39683	2 Chief Gnome, Wordpress	2 Garden Gnome Package, Wordpress	2026-04-24	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chief Gnome Garden Gnome Package garden-gnome-package allows DOM-Based XSS.This issue affects Garden Gnome Package: from n/a through <= 2.4.1.
CVE-2026-39703	2 Wordpress, Wpbits	2 Wordpress, Wpbits Addons For Elementor Page Builder	2026-04-24	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through <= 1.8.1.
CVE-2026-39686	2 Bannersky, Wordpress	2 Bsk Pdf Manager, Wordpress	2026-04-24	N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in bannersky BSK PDF Manager bsk-pdf-manager allows Retrieve Embedded Sensitive Data.This issue affects BSK PDF Manager: from n/a through <= 3.7.2.
CVE-2026-39687	2 Rapid Car Check, Wordpress	2 Rapid Car Check Vehicle Data, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Rapid Car Check Rapid Car Check Vehicle Data free-vehicle-data-uk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rapid Car Check Vehicle Data: from n/a through <= 2.0.
CVE-2026-39707	2 Wordpress, Zealousweb	2 Wordpress, Accept Paypal Payments Using Contact Form 7	2026-04-24	5.3 Medium
Missing Authorization vulnerability in ZealousWeb Accept PayPal Payments using Contact Form 7 contact-form-7-paypal-extension allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accept PayPal Payments using Contact Form 7: from n/a through <= 4.0.4.
CVE-2026-39691	2 Adastracrypto, Wordpress	2 Cryptocurrency Donation Box – Bitcoin & Crypto Donations, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in AdAstraCrypto Cryptocurrency Donation Box – Bitcoin & Crypto Donations cryptocurrency-donation-box allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Donation Box – Bitcoin & Crypto Donations: from n/a through <= 2.2.13.
CVE-2026-39694	2 Nsquared, Wordpress	2 Simply Schedule Appointments, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through <= 1.6.10.2.
CVE-2026-39696	2 Elfsight, Wordpress	2 Elfsight Whatsapp Chat Cc, Wordpress	2026-04-24	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elfsight Elfsight WhatsApp Chat CC elfsight-whatsapp-chat allows DOM-Based XSS.This issue affects Elfsight WhatsApp Chat CC: from n/a through <= 1.2.0.
CVE-2026-39705	2 Mulika Team, Wordpress	2 Mipl Wc Multisite Sync, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Mulika Team MIPL WC Multisite Sync mipl-wc-multisite-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MIPL WC Multisite Sync: from n/a through <= 1.4.4.
CVE-2026-39706	2 Netro Systems, Wordpress	2 Make My Trivia, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Netro Systems Make My Trivia trivialy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Make My Trivia: from n/a through <= 1.1.0.

« first previous Page 61 of 17331. next last »