Export limit exceeded: 346275 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346275 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346275 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62038 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in Sovlix MeetingHub meetinghub allows Retrieve Embedded Sensitive Data.This issue affects MeetingHub: from n/a through <= 1.23.9. | ||||
| CVE-2025-62037 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. | ||||
| CVE-2025-62033 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. | ||||
| CVE-2025-62028 | 2 Themenectar, Wordpress | 2 Salient Core, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in ThemeNectar Salient salient.This issue affects Salient: from n/a through < 17.4.0. | ||||
| CVE-2025-62023 | 2 S2member, Wordpress | 2 S2member, Wordpress | 2026-04-23 | 9 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through <= 250905. | ||||
| CVE-2025-62022 | 2 Buddypress, Wordpress | 2 Buddypress, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in BuddyPress BuddyPress buddypress.This issue affects BuddyPress: from n/a through <= 14.3.4. | ||||
| CVE-2025-62021 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Made Neat Acknowledgify acknowledgify.This issue affects Acknowledgify: from n/a through <= 1.1.3. | ||||
| CVE-2025-62018 | 2 Hogash, Wordpress | 2 Kallyas, Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in hogash KALLYAS kallyas.This issue affects KALLYAS: from n/a through <= 4.22.0. | ||||
| CVE-2025-62017 | 2 Hogash, Wordpress | 2 Kallyas, Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in hogash KALLYAS kallyas.This issue affects KALLYAS: from n/a through <= 4.22.0. | ||||
| CVE-2025-62015 | 3 Josh Kohlbach, Woocommerce, Wordpress | 4 Advanced Coupons For Woocommerce Coupons, Woocommerce, Woocommerce Smart Coupons and 1 more | 2026-04-23 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons advanced-coupons-for-woocommerce-free.This issue affects Advanced Coupons for WooCommerce Coupons: from n/a through <= 4.6.8. | ||||
| CVE-2025-62013 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in POSIMYTH UiChemy uichemy.This issue affects UiChemy: from n/a through <= 4.0.0. | ||||
| CVE-2025-62009 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Cross Site Request Forgery.This issue affects UPC/EAN/GTIN Code Generator: from n/a through <= 2.0.2. | ||||
| CVE-2025-62006 | 2 Veronalabs, Wordpress | 2 Wp Sms, Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in VeronaLabs WP SMS wp-sms.This issue affects WP SMS: from n/a through <= 7.0.1. | ||||
| CVE-2025-62005 | 3 Fantasticplugins, Woocommerce, Wordpress | 3 Sumomemberships, Woocommerce, Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Cross Site Request Forgery.This issue affects SUMO Memberships for WooCommerce: from n/a through < 7.8.0. | ||||
| CVE-2025-60247 | 3 Bux, Woocommerce, Wordpress | 3 Bux Woocommerce, Woocommerce, Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in Bux Bux Woocommerce bux-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bux Woocommerce: from n/a through <= 1.2.3. | ||||
| CVE-2025-60242 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Anatoly Download Counter download-counter allows Path Traversal.This issue affects Download Counter: from n/a through <= 1.4. | ||||
| CVE-2025-60239 | 2 Codexpert, Wordpress | 2 Cschool Lms, Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codexpert, Inc CoSchool LMS coschool allows Blind SQL Injection.This issue affects CoSchool LMS: from n/a through <= 1.4.3. | ||||
| CVE-2025-60238 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in universam UNIVERSAM universam-demo allows Object Injection.This issue affects UNIVERSAM: from n/a through <= 9.04.02. | ||||
| CVE-2025-60237 | 2 Themeton, Wordpress | 2 Finag, Wordpress | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Themeton Finag finag allows Object Injection.This issue affects Finag: from n/a through <= 1.5.0. | ||||
| CVE-2025-60233 | 2 Themeton, Wordpress | 2 Zuut, Wordpress | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Themeton Zuut zuut allows Object Injection.This issue affects Zuut: from n/a through <= 1.4.2. | ||||