Export limit exceeded: 343344 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343344 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6226 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2026-04-08 | 4.3 Medium |
| The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.13.3 via the su_meta shortcode due to missing validation on the user controlled keys 'key' and 'post_id'. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve arbitrary post meta values which may contain sensitive information when combined with another plugin. | ||||
| CVE-2023-6225 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2026-04-08 | 6.4 Medium |
| The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_meta shortcode combined with post meta data in all versions up to, and including, 5.13.3 due to insufficient input sanitization and output escaping on user supplied meta values. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2023-6219 | 1 Reputeinfosystems | 1 Bookingpress | 2026-04-08 | 7.2 High |
| The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpress_process_upload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | ||||
| CVE-2023-6214 | 1 Hasthemes | 1 Ht Mega | 2026-04-08 | 7.5 High |
| The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.6 via the purchased_products function. This makes it possible for unauthenticatied attackers to extract sensitive data including the previous 7 days of order data including products and customer PII. | ||||
| CVE-2023-6187 | 1 Strangerstudios | 1 Paid Memberships Pro | 2026-04-08 | 7.5 High |
| The Paid Memberships Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'pmpro_paypalexpress_session_vars_for_user_fields' function in versions up to, and including, 2.12.3. This makes it possible for authenticated attackers with subscriber privileges or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. This can be exploited if 2Checkout (deprecated since version 2.6) or PayPal Express is set as the payment method and a custom user field is added that is only visible at profile, and not visible at checkout according to its settings. | ||||
| CVE-2023-6164 | 1 Mainwp | 1 Mainwp | 2026-04-08 | 2.2 Low |
| The MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress is vulnerable to CSS Injection via the ‘newColor’ parameter in all versions up to, and including, 4.5.1.2 due to insufficient input sanitization. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary CSS values into the site tags. | ||||
| CVE-2023-6160 | 1 Lifterlms | 1 Lifterlms | 2026-04-08 | 3.3 Low |
| The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 7.4.2 via the maybe_serve_export function. This makes it possible for authenticated attackers, with administrator or LMS manager access and above, to read the contents of arbitrary CSV files on the server, which can contain sensitive information as well as removing those files from the server. | ||||
| CVE-2023-6109 | 1 Yop-poll | 1 Yop Poll | 2026-04-08 | 5.3 Medium |
| The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the add() function. This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to one vote per person. | ||||
| CVE-2023-6007 | 1 Userproplugin | 1 Userpro | 2026-04-08 | 7.3 High |
| The UserPro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.1.1. This makes it possible for unauthenticated attackers to add, modify, or delete user meta and plugin options. | ||||
| CVE-2023-5975 | 1 Imagemapper Project | 1 Imagemapper | 2026-04-08 | 4.3 Medium |
| The ImageMapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.6. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to update the plugin settings via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2023-5843 | 1 Datafeedr | 1 Ads By Datafeedr.com | 2026-04-08 | 9 Critical |
| The Ads by datafeedr.com plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.1.3 via the 'dfads_ajax_load_ads' function. This allows unauthenticated attackers to execute code on the server. The parameters of the callable function are limited, they cannot be specified arbitrarily. | ||||
| CVE-2023-5819 | 1 Gara | 1 Amazonify | 2026-04-08 | 4.4 Medium |
| The Amazonify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. However, please note that this can also be combined with CVE-2023-5818 for CSRF to XSS. | ||||
| CVE-2023-5818 | 1 Gara | 1 Amazonify | 2026-04-08 | 4.3 Medium |
| The Amazonify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.8.1. This is due to missing or incorrect nonce validation on the amazonifyOptionsPage() function. This makes it possible for unauthenticated attackers to update the plugins settings, including the Amazon Tracking ID, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2023-5816 | 1 Bowo | 1 Code Explorer | 2026-04-08 | 4.9 Medium |
| The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5. This is due to the fact that the plugin does not restrict accessing files to those outside of the WordPress instance, though the intention of the plugin is to only access WordPress related files. This makes it possible for authenticated attackers, with administrator-level access, to read files outside of the WordPress instance. | ||||
| CVE-2023-5775 | 1 Inpsyde | 1 Backwpup | 2026-04-08 | 2.2 Low |
| The BackWPup plugin for WordPress is vulnerable to Plaintext Storage of Backup Destination Password in all versions up to, and including, 4.0.2. This is due to to the plugin improperly storing backup destination passwords in plaintext. This makes it possible for authenticated attackers, with administrator-level access, to retrieve the password from the password input field in the UI or from the options table where the password is stored. | ||||
| CVE-2023-5774 | 1 Eralion | 1 Animated Counters | 2026-04-08 | 6.4 Medium |
| The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2023-5772 | 1 Bowo | 1 Debug Log Manager | 2026-04-08 | 4.3 Medium |
| The Debug Log Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. This is due to missing or incorrect nonce validation on the clear_log() function. This makes it possible for unauthenticated attackers to clear the debug log via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2023-5714 | 1 Bowo | 1 System Dashboard | 2026-04-08 | 4.3 Medium |
| The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_db_specs() function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve data key specs. | ||||
| CVE-2023-5712 | 1 Bowo | 1 System Dashboard | 2026-04-08 | 4.3 Medium |
| The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_global_value() function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve sensitive global value information. | ||||
| CVE-2023-5709 | 1 Web-dorado | 1 Wd Widgettwitter | 2026-04-08 | 8.8 High |
| The WD WidgetTwitter plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | ||||