Export limit exceeded: 347148 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347148 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-50374 | 2026-04-28 | 5.5 Medium | ||
| Server-Side Request Forgery (SSRF) vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.10. | ||||
| CVE-2023-50377 | 1 Ab-wp | 1 Simple Counter | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AB-WP Simple Counter allows Stored XSS.This issue affects Simple Counter: from n/a through 1.0.2. | ||||
| CVE-2023-50372 | 1 Wpgogo | 1 Custom Post Type Page Template | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita Custom Post Type Page Template.This issue affects Custom Post Type Page Template: from n/a through 1.1. | ||||
| CVE-2023-50369 | 1 Almapay | 1 Alma | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alma Alma – Pay in installments or later for WooCommerce allows Stored XSS.This issue affects Alma – Pay in installments or later for WooCommerce: from n/a through 5.1.3. | ||||
| CVE-2023-50370 | 1 Livemeshthemes | 1 Wpbakery Page Builder Addons | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh WPBakery Page Builder Addons by Livemesh allows Stored XSS.This issue affects WPBakery Page Builder Addons by Livemesh: from n/a through 3.5. | ||||
| CVE-2023-50371 | 1 Pagevisitcounter | 1 Advanced Page Visit Counter | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows Stored XSS.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 8.0.6. | ||||
| CVE-2023-49860 | 1 Wedevs | 1 Wp Project Manager | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts allows Stored XSS.This issue affects WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts: from n/a through 2.6.7. | ||||
| CVE-2023-49853 | 1 Paytr | 1 Paytr Taksit Tablosu - Woocommerce | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu – WooCommerce.This issue affects PayTR Taksit Tablosu – WooCommerce: from n/a through 1.3.1. | ||||
| CVE-2023-49855 | 1 Binarycarpenter | 1 Menu Bar Cart Icon For Woocommerce | 2026-04-28 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3. | ||||
| CVE-2023-50368 | 1 Averta | 1 Shortcodes And Extra Features For Phlox Theme | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Shortcodes and extra features for Phlox theme allows Stored XSS.This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.15.2. | ||||
| CVE-2023-49854 | 1 Madebytribe | 1 Caddy | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Tribe Interactive Caddy – Smart Side Cart for WooCommerce.This issue affects Caddy – Smart Side Cart for WooCommerce: from n/a through 1.9.7. | ||||
| CVE-2023-49846 | 1 Bearne | 1 Author Avatars List\/block | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through 2.1.17. | ||||
| CVE-2023-49847 | 1 Twinpictures | 1 Annual Archive | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Annual Archive allows Stored XSS.This issue affects Annual Archive: from n/a through 1.6.0. | ||||
| CVE-2023-49844 | 1 Reviewsignal | 1 Wpperformancetester | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Kevin Ohashi WPPerformanceTester.This issue affects WPPerformanceTester: from n/a through 2.0.0. | ||||
| CVE-2023-49834 | 1 Pluginus | 1 Fox - Currency Switcher Professional For Woocommerce | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in realmag777 FOX – Currency Switcher Professional for WooCommerce.This issue affects FOX – Currency Switcher Professional for WooCommerce: from n/a through 1.4.1.4. | ||||
| CVE-2023-49842 | 1 Wpexperts | 1 Rocket Maintenance Mode \& Coming Soon Page | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpexpertsio Rocket Maintenance Mode & Coming Soon Page allows Stored XSS.This issue affects Rocket Maintenance Mode & Coming Soon Page: from n/a through 4.3. | ||||
| CVE-2023-49841 | 1 Fancythemes | 1 Optin Forms | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FancyThemes Optin Forms – Simple List Building Plugin for WordPress allows Stored XSS.This issue affects Optin Forms – Simple List Building Plugin for WordPress: from n/a through 1.3.3. | ||||
| CVE-2023-49843 | 1 Quanticedge | 1 First Order Discount Woocommerce | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in QuanticEdge First Order Discount Woocommerce.This issue affects First Order Discount Woocommerce: from n/a through 1.21. | ||||
| CVE-2023-49839 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KlbTheme Cosmetsy theme (core plugin), KlbTheme Partdo theme (core plugin), KlbTheme Bacola theme (core plugin), KlbTheme Medibazar theme (core plugin), KlbTheme Furnob theme (core plugin), KlbTheme Clotya theme (core plugin) allows Reflected XSS.This issue affects Cosmetsy theme (core plugin): from n/a through 1.3.0; Partdo theme (core plugin): from n/a through 1.0.9; Bacola theme (core plugin): from n/a through 1.3.3; Medibazar theme (core plugin): from n/a through 1.2.3; Furnob theme (core plugin): from n/a through 1.1.7; Clotya theme (core plugin): from n/a through 1.1.5. | ||||
| CVE-2023-49840 | 1 Palscode | 1 Multi Currency For Woocommerce | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Palscode Multi Currency For WooCommerce.This issue affects Multi Currency For WooCommerce: from n/a through 1.5.5. | ||||