Search

Expected end of text, found ':' (at char 25), (line:1, col:26)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347180 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-47180 1 Xlplugins 1 Finale 2026-04-28 6.5 Medium
Missing Authorization vulnerability in XLPlugins Finale Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Finale Lite: from n/a through 2.16.0.
CVE-2023-47177 1 Pojo 1 Linker 2026-04-28 6.5 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yakir Sitbon, Ariel Klikstein Linker plugin <= 1.2.1 versions.
CVE-2023-46824 1 Omaksolutions 1 Slick Popup 2026-04-28 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin <= 1.7.14 versions.
CVE-2023-46823 1 Avirtum 1 Imagelinks 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4.
CVE-2023-46822 1 Visser 1 Store Exporter For Woocommerce 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting') vulnerability in Visser Labs Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin <= 2.7.2 versions.
CVE-2023-46821 1 Dev4press 1 Gd Security Headers 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Milan Petrovic GD Security Headers allows auth. (admin+) SQL Injection.This issue affects GD Security Headers: from n/a through 1.7.
CVE-2023-46782 1 Chrisyee 1 Momentopress For Momento360 2026-04-28 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Yee MomentoPress for Momento360 plugin <= 1.0.1 versions.
CVE-2023-46781 1 Rolandmurg 1 Current Menu Item For Custom Post Types 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Roland Murg Current Menu Item for Custom Post Types plugin <= 1.5 versions.
CVE-2023-46780 1 Altersoftware 1 Alter 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Alter plugin <= 1.0 versions.
CVE-2023-46779 1 Easyrecipe Project 1 Easyrecipe 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in EasyRecipe plugin <= 3.5.3251 versions.
CVE-2023-46778 1 Thefreewindows 1 Auto Limit Posts Reloaded 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in TheFreeWindows Auto Limit Posts Reloaded plugin <= 2.5 versions.
CVE-2023-46777 1 Featherplugins 1 Custom Login Page \| Temporary Users \| Rebrand Login \| Login Captcha 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin <= 1.1.3 versions.
CVE-2023-46776 1 Josie 1 Auto Excerpt Everywhere 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Serena Villa Auto Excerpt everywhere plugin <= 1.5 versions.
CVE-2023-46775 1 Zixn 1 Original Texts Yandex Webmaster 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Djo Original texts Yandex WebMaster plugin <= 1.18 versions.
CVE-2023-46644 2026-04-28 6.5 Medium
Missing Authorization vulnerability in WP CTA PRO WordPress CTA allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress CTA: from n/a through 1.5.8.
CVE-2023-46643 1 Cloudnet360 1 Cloudnet360 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <= 3.2.0 versions.
CVE-2023-46642 1 Sahu 1 Sahu Tiktok Pixel For E-commerce 2026-04-28 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin <= 1.2.2 versions.
CVE-2023-46639 2026-04-28 5.3 Medium
Missing Authorization vulnerability in FeedbackWP kk Star Ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through 5.4.5.
CVE-2023-46637 1 Wordpress 1 Wordpress 2026-04-28 5.3 Medium
Missing Authorization vulnerability in Saurav Sharma Generate Dummy Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Generate Dummy Posts: from n/a through 1.0.0.
CVE-2023-46633 1 Wordpress 1 Wordpress 2026-04-28 5.4 Medium
Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2.