Export limit exceeded: 10566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10566 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13472 | 1 Perforce | 1 Blazemeter | 2026-04-15 | N/A |
| A fix was made in BlazeMeter Jenkins Plugin version 4.27 to allow users only with certain permissions to see the list of available resources like credential IDs, bzm workspaces and bzm project Ids. Prior to this fix, anyone could see this list as a dropdown on the Jenkins UI. | ||||
| CVE-2024-32814 | 2 Wordpress, Zorem | 2 Wordpress, Advanced Local Pickup For Woocommerce | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Zorem Advanced Local Pickup for WooCommerce.This issue affects Advanced Local Pickup for WooCommerce: from n/a through 1.6.1. | ||||
| CVE-2024-32821 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in TotalSuite Total Poll Lite.This issue affects Total Poll Lite: from n/a through 4.9.9. | ||||
| CVE-2024-32822 | 1 Wordpress | 1 Reviews Plus | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in impleCode Reviews Plus.This issue affects Reviews Plus: from n/a through 1.3.4. | ||||
| CVE-2024-3331 | 2026-04-15 | 6.8 Medium | ||
| Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server allows The impact of this vulnerability depends on the privileges of the user running the affected software..This issue affects Spotfire Enterprise Runtime for R - Server Edition: from 1.12.7 through 1.20.0; Spotfire Statistics Services: from 12.0.7 through 12.3.1, from 14.0.0 through 14.3.0; Spotfire Analyst: from 12.0.9 through 12.5.0, from 14.0.0 through 14.3.0; Spotfire Desktop: from 14.0 through 14.3.0; Spotfire Server: from 12.0.10 through 12.5.0, from 14.0.0 through 14.3.0. | ||||
| CVE-2024-33635 | 1 Piotnet | 1 Piotnet Addons For Elementor | 2026-04-15 | 7.5 High |
| Missing Authorization vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17. | ||||
| CVE-2024-33636 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.4 Medium |
| Missing Authorization vulnerability in Mahesh Vora WP Page Post Widget Clone.This issue affects WP Page Post Widget Clone: from n/a through 1.0.1. | ||||
| CVE-2024-33652 | 1 Realbigplugins | 1 Client Dash | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Real Big Plugins Client Dash.This issue affects Client Dash: from n/a through 2.2.1. | ||||
| CVE-2024-54222 | 2 Seraphinitesolutions, Wordpress | 2 Seraphinite Accelerator, Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Seraphinite Solutions Seraphinite Accelerator seraphinite-accelerator allows Retrieve Embedded Sensitive Data.This issue affects Seraphinite Accelerator: from n/a through <= 2.22.15. | ||||
| CVE-2024-35168 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in Discourse WP Discourse.This issue affects WP Discourse: from n/a through 2.5.1. | ||||
| CVE-2024-35663 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.4 Medium |
| Missing Authorization vulnerability in HahnCreativeGroup WP Translate.This issue affects WP Translate: from n/a through 5.3.0. | ||||
| CVE-2024-35665 | 1 Namithjawahar | 1 Insert Post Ads | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in namithjawahar Insert Post Ads.This issue affects Insert Post Ads: from n/a through 1.3.2. | ||||
| CVE-2024-35671 | 2 Minoji, Wordpress | 2 Mj Update History, Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Minoji MJ Update History.This issue affects MJ Update History: from n/a through 1.0.4. | ||||
| CVE-2024-35685 | 1 Anders Noren | 1 Radcliffe 2 | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Anders Norén Radcliffe 2.This issue affects Radcliffe 2: from n/a through 2.0.17. | ||||
| CVE-2024-36326 | 1 Amd | 3 Ryzen, Ryzen 7040, Ryzen Ai 300 | 2026-04-15 | 8.4 High |
| Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections during system resume from a standby state, potentially resulting in a loss of confidentiality and integrity. | ||||
| CVE-2024-36611 | 1 Symfony | 1 Symfony | 2026-04-15 | 7.5 High |
| In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic handling or denial of service. NOTE: the Supplier has concluded that this is a false report. | ||||
| CVE-2024-3662 | 2026-04-15 | 4.3 Medium | ||
| The WPZOOM Social Feed Widget & Block plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpzoom_instagram_clear_data() function in all versions up to, and including, 2.1.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete all Instagram images installed on the site. | ||||
| CVE-2024-3664 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 4.3 Medium |
| The Quick Featured Images plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the set_thumbnail and delete_thumbnail functions in all versions up to, and including, 13.7.0. This makes it possible for authenticated attackers, with contributor-level access and above, to delete thumbnails and add thumbnails to posts they did not author. | ||||
| CVE-2024-37510 | 1 Wpcharitable | 1 Charitable | 2026-04-15 | 6.5 Medium |
| Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Charitable: from n/a through 1.8.1.7. | ||||
| CVE-2024-37516 | 2026-04-15 | 6.3 Medium | ||
| Missing Authorization vulnerability in fifu.App Featured Image from URL allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image from URL: from n/a through 4.8.2. | ||||