Export limit exceeded: 343912 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343912 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39621 | 2 Spicethemes, Wordpress | 2 Spicepress, Wordpress | 2026-04-10 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in spicethemes SpicePress spicepress allows Upload a Web Shell to a Web Server.This issue affects SpicePress: from n/a through <= 2.3.2.5. | ||||
| CVE-2026-39623 | 2 Kutethemes, Wordpress | 2 Biolife, Wordpress | 2026-04-10 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes Biolife biolife allows PHP Local File Inclusion.This issue affects Biolife: from n/a through <= 3.2.3. | ||||
| CVE-2026-39625 | 2 Kutethemes, Wordpress | 2 Techone, Wordpress | 2026-04-10 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through <= 3.0.3. | ||||
| CVE-2026-39627 | 2 Wordpress, Wproyal | 2 Wordpress, Ashe | 2026-04-10 | 4.3 Medium |
| Missing Authorization vulnerability in wproyal Ashe ashe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe: from n/a through <= 2.266. | ||||
| CVE-2026-39629 | 2 Kutethemes, Wordpress | 2 Uminex, Wordpress | 2026-04-10 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Uminex uminex allows Code Injection.This issue affects Uminex: from n/a through <= 1.0.9. | ||||
| CVE-2026-39631 | 2 Ronik@unlimitedwp, Wordpress | 2 Wpschoolpress, Wordpress | 2026-04-10 | 4.9 Medium |
| Missing Authorization vulnerability in Ronik@UnlimitedWP WPSchoolPress wpschoolpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through <= 2.2.35. | ||||
| CVE-2026-39633 | 2 Themegoods, Wordpress | 2 Grand Car Rental, Wordpress | 2026-04-10 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Car Rental grandcarrental allows Cross Site Request Forgery.This issue affects Grand Car Rental: from n/a through <= 3.6.9. | ||||
| CVE-2026-39635 | 2 Themegoods, Wordpress | 2 Grand Magazine, Wordpress | 2026-04-10 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n/a through <= 3.5.5. | ||||
| CVE-2026-39637 | 2 Spabrice, Wordpress | 2 Mogi, Wordpress | 2026-04-10 | 5.3 Medium |
| Missing Authorization vulnerability in SpabRice Mogi mogi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mogi: from n/a through <= 1.2.3. | ||||
| CVE-2026-39639 | 2 Redpixelstudios, Wordpress | 2 Rps Include Content, Wordpress | 2026-04-10 | 6.5 Medium |
| Missing Authorization vulnerability in redpixelstudios RPS Include Content rps-include-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RPS Include Content: from n/a through <= 1.2.2. | ||||
| CVE-2026-39641 | 2 Skywarrior, Wordpress | 2 Blackfyre, Wordpress | 2026-04-10 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Skywarrior Blackfyre blackfyre allows Cross Site Request Forgery.This issue affects Blackfyre: from n/a through <= 2.5.4. | ||||
| CVE-2026-39644 | 2 Roxnor, Wordpress | 2 Wp Ultimate Review, Wordpress | 2026-04-10 | 5.3 Medium |
| Missing Authorization vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wp Ultimate Review: from n/a through <= 2.3.8. | ||||
| CVE-2026-39646 | 2 Bozdoz, Wordpress | 2 Leaflet Map, Wordpress | 2026-04-10 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bozdoz Leaflet Map leaflet-map allows Stored XSS.This issue affects Leaflet Map: from n/a through <= 3.4.4. | ||||
| CVE-2026-39648 | 2 Themebeez, Wordpress | 2 Cream Blog, Wordpress | 2026-04-10 | 5.3 Medium |
| Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Blog: from n/a through <= 2.1.7. | ||||
| CVE-2026-39650 | 2 Unitech Web, Wordpress | 2 Unitechpay, Wordpress | 2026-04-10 | 5.3 Medium |
| Missing Authorization vulnerability in Unitech Web UnitechPay unitechpay-paiements-mobile-money allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UnitechPay: from n/a through <= 1.0.2. | ||||
| CVE-2026-39652 | 2 Igms, Wordpress | 2 Igms Direct Booking, Wordpress | 2026-04-10 | 5.3 Medium |
| Missing Authorization vulnerability in igms iGMS Direct Booking igms-direct-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iGMS Direct Booking: from n/a through <= 1.3. | ||||
| CVE-2026-39657 | 2 Leadlovers, Wordpress | 2 Leadlovers Forms, Wordpress | 2026-04-10 | 5.3 Medium |
| Missing Authorization vulnerability in leadlovers leadlovers forms leadlovers-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects leadlovers forms: from n/a through <= 1.0.2. | ||||
| CVE-2026-39659 | 2 Ultimatemember, Wordpress | 2 Ultimate Member, Wordpress | 2026-04-10 | 5.3 Medium |
| Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through <= 2.11.3. | ||||
| CVE-2026-39662 | 2 Prowcplugins, Wordpress | 2 Product Price By Formula For Woocommerce, Wordpress | 2026-04-10 | 5.3 Medium |
| Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Price by Formula for WooCommerce: from n/a through <= 2.5.6. | ||||
| CVE-2026-39664 | 2 Leadrebel, Wordpress | 2 Leadrebel, Wordpress | 2026-04-10 | 5.3 Medium |
| Missing Authorization vulnerability in leadrebel Leadrebel leadrebel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadrebel: from n/a through <= 1.0.2. | ||||