Export limit exceeded: 11684 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11684 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-32536 | 2 Halfdata, Wordpress | 2 Stripe Green Downloads, Wordpress | 2026-03-30 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.This issue affects Green Downloads: from n/a through <= 2.08. | ||||
| CVE-2026-32537 | 2 Visualportfolio, Wordpress | 2 Visual Portfolio, Photo Gallery & Post Grid, Wordpress | 2026-03-30 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nK Visual Portfolio, Photo Gallery & Post Grid visual-portfolio allows PHP Local File Inclusion.This issue affects Visual Portfolio, Photo Gallery & Post Grid: from n/a through <= 3.5.1. | ||||
| CVE-2026-32538 | 2 Noor Alam, Wordpress | 2 Smtp Mailer, Wordpress | 2026-03-30 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMTP Mailer smtp-mailer allows Retrieve Embedded Sensitive Data.This issue affects SMTP Mailer: from n/a through <= 1.1.24. | ||||
| CVE-2026-32539 | 2 Publishpress, Wordpress | 2 Publishpress Revisions, Wordpress | 2026-03-30 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PublishPress PublishPress Revisions revisionary allows Blind SQL Injection.This issue affects PublishPress Revisions: from n/a through <= 3.7.23. | ||||
| CVE-2026-32540 | 2 Bookly, Wordpress | 2 Bookly, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects Bookly: from n/a through <= 26.7. | ||||
| CVE-2026-32541 | 2 Premmerce, Wordpress | 2 Premmerce Redirect Manager, Wordpress | 2026-03-30 | 6.5 Medium |
| Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through <= 1.0.12. | ||||
| CVE-2026-32542 | 2 Themefusion, Wordpress | 2 Fusion Builder, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through < 3.15.0. | ||||
| CVE-2026-32544 | 2 Oopspam, Wordpress | 2 Oopspam Anti-spam, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OOPSpam Team OOPSpam Anti-Spam oopspam-anti-spam allows Stored XSS.This issue affects OOPSpam Anti-Spam: from n/a through <= 1.2.62. | ||||
| CVE-2026-32545 | 2 Taboola, Wordpress | 2 Taboola Pixel, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through <= 1.1.4. | ||||
| CVE-2026-32546 | 2 Stellarwp, Wordpress | 2 Restrict Content, Wordpress | 2026-03-30 | 7.5 High |
| Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through <= 3.2.22. | ||||
| CVE-2026-27080 | 2 Mikado-themes, Wordpress | 2 Deston, Wordpress | 2026-03-30 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Deston deston allows PHP Local File Inclusion.This issue affects Deston: from n/a through <= 1.0. | ||||
| CVE-2026-24979 | 2 Nootheme, Wordpress | 2 Jobica Core, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobica Core jobica-core allows Reflected XSS.This issue affects Jobica Core: from n/a through <= 1.4.1. | ||||
| CVE-2026-24978 | 2 Nootheme, Wordpress | 2 Jobica Core, Wordpress | 2026-03-30 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in NooTheme Jobica Core jobica-core allows Object Injection.This issue affects Jobica Core: from n/a through <= 1.4.1. | ||||
| CVE-2026-24980 | 2 Nootheme, Wordpress | 2 Visionary Core, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Visionary Core noo-visionary-core allows Reflected XSS.This issue affects Visionary Core: from n/a through <= 1.4.9. | ||||
| CVE-2026-24977 | 2 Nootheme, Wordpress | 2 Organici Library, Wordpress | 2026-03-30 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NooTheme Organici Library noo-organici-library allows Blind SQL Injection.This issue affects Organici Library: from n/a through <= 2.1.2. | ||||
| CVE-2026-24981 | 2 Nootheme, Wordpress | 2 Visionary Core, Wordpress | 2026-03-30 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in NooTheme Visionary Core noo-visionary-core allows Object Injection.This issue affects Visionary Core: from n/a through <= 1.4.9. | ||||
| CVE-2026-24976 | 2 Nootheme, Wordpress | 2 Organici Library, Wordpress | 2026-03-30 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in NooTheme Organici Library noo-organici-library allows Object Injection.This issue affects Organici Library: from n/a through <= 2.1.2. | ||||
| CVE-2026-24975 | 2 Nootheme, Wordpress | 2 Organici Library, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Organici Library noo-organici-library allows Reflected XSS.This issue affects Organici Library: from n/a through <= 2.1.2. | ||||
| CVE-2026-24974 | 2 Nootheme, Wordpress | 2 Citilights, Wordpress | 2026-03-30 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in NooTheme CitiLights noo-citilights allows Object Injection.This issue affects CitiLights: from n/a through <= 3.7.1. | ||||
| CVE-2026-24973 | 2 Nootheme, Wordpress | 2 Citilights, Wordpress | 2026-03-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme CitiLights noo-citilights allows Reflected XSS.This issue affects CitiLights: from n/a through <= 3.7.1. | ||||