Export limit exceeded: 347095 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347095 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-36685 | 1 Brainstormforce | 1 Cartflows | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC CartFlows Pro allows Cross Site Request Forgery.This issue affects CartFlows Pro: from n/a through 1.11.12. | ||||
| CVE-2023-36679 | 1 Brainstormforce | 1 Spectra | 2026-04-28 | 7.1 High |
| Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6. | ||||
| CVE-2023-36523 | 1 Gopiplus | 1 Email Download Link | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email download link.This issue affects Email download link: from n/a through 3.7. | ||||
| CVE-2023-36520 | 1 Zackgrossbart | 1 Editorial Calendar | 2026-04-28 | 5.4 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.This issue affects Editorial Calendar: from n/a through 3.7.12. | ||||
| CVE-2023-35916 | 1 Automattic | 1 Woopayments | 2026-04-28 | 7.5 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0. | ||||
| CVE-2023-35915 | 1 Automattic | 1 Woopayments | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0. | ||||
| CVE-2023-36507 | 1 Reputeinfosystems | 1 Bookingpress | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.64. | ||||
| CVE-2023-35914 | 1 Automattic | 1 Woocommerce Subscriptions | 2026-04-28 | 7.5 High |
| Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Woo Subscriptions.This issue affects Woo Subscriptions: from n/a through 5.1.2. | ||||
| CVE-2023-36505 | 1 Ninjaforms | 1 Ninja Forms | 2026-04-28 | 6.8 Medium |
| Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24. | ||||
| CVE-2023-36381 | 1 Gesundheit-bewegt | 1 Zippy | 2026-04-28 | 6.6 Medium |
| Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.5. | ||||
| CVE-2023-35911 | 1 Creative-solutions | 1 Contact Form Generator | 2026-04-28 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Creative Solutions Contact Form Generator : Creative form builder for WordPress allows SQL Injection.This issue affects Contact Form Generator : Creative form builder for WordPress: from n/a through 2.6.0. | ||||
| CVE-2023-35883 | 1 Magazine3 | 1 Core Web Vitals \& Pagespeed Booster | 2026-04-28 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magazine3 Core Web Vitals & PageSpeed Booster.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through 1.0.12. | ||||
| CVE-2023-35876 | 1 Automattic | 1 Woocommerce Square | 2026-04-28 | 8.1 High |
| Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Square.This issue affects WooCommerce Square: from n/a through 3.8.1. | ||||
| CVE-2023-35909 | 1 Ninjaforms | 1 Ninja Forms | 2026-04-28 | 5.3 Medium |
| Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS.This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25. | ||||
| CVE-2023-35877 | 1 Vadimk | 1 Extra User Details | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Vadym K. Extra User Details allows Stored XSS.This issue affects Extra User Details: from n/a through 0.5. | ||||
| CVE-2023-35096 | 1 Wpexperts | 1 Mycred | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in myCred plugin <= 2.5 versions. | ||||
| CVE-2023-35050 | 2 Elementor, Wordpress | 2 Elementor Pro, Wordpress | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0. | ||||
| CVE-2023-34382 | 1 Dokan | 1 Dokan | 2026-04-28 | 4.4 Medium |
| Deserialization of Untrusted Data vulnerability in weDevs Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy.This issue affects Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy: from n/a through 3.7.19. | ||||
| CVE-2023-35039 | 1 Bedevious | 1 Password Reset With Code For Wordpress Rest Api | 2026-04-28 | 9.8 Critical |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Be Devious Web Development Password Reset with Code for WordPress REST API allows Authentication Abuse.This issue affects Password Reset with Code for WordPress REST API: from n/a through 0.0.15. | ||||
| CVE-2023-34385 | 1 Akshaymenariya | 1 Export Import Menus | 2026-04-28 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Akshay Menariya Export Import Menus.This issue affects Export Import Menus: from n/a through 1.8.0. | ||||