Export limit exceeded: 344880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2696 | 2 Export All Urls, Wordpress | 2 Export All Urls, Wordpress | 2026-04-15 | 5.3 Medium |
| The Export All URLs WordPress plugin before 5.1 generates CSV filenames containing posts URLS (including private posts) in a predictable pattern using a random 6-digit number. These files are stored in the publicly accessible wp-content/uploads/ directory. As a result, any unauthenticated user can brute-force the filenames to gain access to sensitive data contained within the exported files. | ||||
| CVE-2025-15441 | 2 10web, Wordpress | 2 Form Maker, Wordpress | 2026-04-15 | 6.8 Medium |
| The Form Maker by 10Web WordPress plugin before 1.15.38 does not properly prepare SQL queries when the "MySQL Mapping" feature is in use, which could make SQL Injection attacks possible in certain contexts. | ||||
| CVE-2025-15363 | 2 Berkux, Wordpress | 2 Get Use Apis, Wordpress | 2026-04-15 | 5.9 Medium |
| The Get Use APIs WordPress plugin before 2.0.10 executes imported JSON, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks under certain server configurations. | ||||
| CVE-2025-15488 | 2 Responsive, Wordpress | 2 Responsive Menu, Wordpress | 2026-04-15 | 6.5 Medium |
| The Responsive Plus WordPress plugin before 3.4.3 is vulnerable to arbitrary shortcode execution due to the software allowing unauthenticated users to execute the update_responsive_woo_free_shipping_left_shortcode AJAX action that does not properly validate the content_rech_data parameter before processing it as a shortcode. | ||||
| CVE-2026-2343 | 2 Peprodev Ultimate Invoice, Wordpress | 2 Peprodev Ultimate Invoice, Wordpress | 2026-04-15 | 5.3 Medium |
| The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download invoices action that generates ZIP archives containing exported invoice PDFs. The ZIP files are named predictably making it possible to brute force and retreive PII. | ||||
| CVE-2025-14545 | 2 Icopydoc, Wordpress | 2 Yml For Yandex Market, Wordpress | 2026-04-15 | 6.5 Medium |
| The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation process. | ||||
| CVE-2026-4432 | 2 Wordpress, Yithemes | 2 Wordpress, Yith Woocommerce Wishlist | 2026-04-15 | 6.5 Medium |
| The YITH WooCommerce Wishlist WordPress plugin before 4.13.0 does not properly validate wishlist ownership in the save_title() AJAX handler before allowing wishlist renaming operations. The function only checks for a valid nonce, which is publicly exposed in the page source of the /wishlist/ page, making it possible for unauthenticated attackers to rename any wishlist belonging to any user on the site. | ||||
| CVE-2026-1867 | 2 Wordpress, Wp Front User Submit | 2 Wordpress, Guest Posting / Frontend Posting / Front Editor | 2026-04-15 | 5.9 Medium |
| The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a URL parameter to regenerate a .json file based on demo data that it initially creates. If an administrator modifies the demo form and enables admin notifications in the Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6's settings, it is possible for an unauthenticated attacker to export and download all of the form data/settings, including the administrator's email address. | ||||
| CVE-2025-15433 | 2 Sharedfilespro, Wordpress | 2 Shared Files, Wordpress | 2026-04-15 | 6.8 Medium |
| The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector | ||||
| CVE-2026-1430 | 2 Syedbalkhi, Wordpress | 2 Wp Lightbox 2, Wordpress | 2026-04-15 | 4.8 Medium |
| The WP Lightbox 2 WordPress plugin before 3.0.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | ||||
| CVE-2026-2466 | 2 Dukapress, Wordpress | 2 Dukapress, Wordpress | 2026-04-15 | 7.1 High |
| The DukaPress WordPress plugin through 3.2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | ||||
| CVE-2026-1540 | 2 Spam Protect For Contact Form 7, Wordpress | 2 Spam Protect For Contact Form 7, Wordpress | 2026-04-15 | 7.2 High |
| The Spam Protect for Contact Form 7 WordPress plugin before 1.2.10 allows logging to a PHP file, which could allow an attacker with editor access to achieve Remote Code Execution by using a crafted header | ||||
| CVE-2025-15445 | 2 Restaurant Cafeteria, Wordpress | 2 Restaurant Cafeteria, Wordpress | 2026-04-15 | 5.4 Medium |
| The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP code execution, and also import demo content that rewrites site configuration, including Restaurant Cafeteria WordPress theme through 0.4.6_mods, pages, menus, and front page settings. | ||||
| CVE-2025-15473 | 2 Timetics, Wordpress | 2 Timetics, Wordpress | 2026-04-15 | 4.3 Medium |
| The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type. | ||||
| CVE-2025-15484 | 2 Order Notification For Woocommerce, Wordpress | 2 Order Notification For Woocommerce, Wordpress | 2026-04-15 | 9.1 Critical |
| The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access to store resources like products, coupons, and customers. | ||||
| CVE-2026-33708 | 1 Chamilo | 1 Chamilo Lms | 2026-04-15 | 6.5 Medium |
| Chamilo LMS is a learning management system. Prior to 1.11.38, the get_user_info_from_username REST API endpoint returns personal information (email, first name, last name, user ID, active status) of any user to any authenticated user, including students. There is no authorization check. This vulnerability is fixed in 1.11.38. | ||||
| CVE-2026-34446 | 2 Linuxfoundation, Onnx | 2 Onnx, Onnx | 2026-04-15 | 4.7 Medium |
| Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, there is an issue in onnx.load, the code checks for symlinks to prevent path traversal, but completely misses hardlinks because a hardlink looks exactly like a regular file on the filesystem. This issue has been patched in version 1.21.0. | ||||
| CVE-2026-33705 | 1 Chamilo | 1 Chamilo Lms | 2026-04-15 | 5.3 Medium |
| Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files (.tpl) under /main/template/default/ are directly accessible without authentication via HTTP GET requests. These templates expose internal application logic, variable names, AJAX endpoint URLs, and admin panel structure. This vulnerability is fixed in 1.11.38. | ||||
| CVE-2019-25639 | 1 Matri4web | 1 Matrimony Website Script | 2026-04-15 | 8.2 High |
| Matrimony Website Script M-Plus contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various POST parameters. Attackers can inject malicious SQL payloads into parameters like txtGender, religion, Fage, and cboCountry across simplesearch_results.php, advsearch_results.php, specialcase_results.php, locational_results.php, and registration2.php to extract sensitive database information or execute arbitrary SQL commands. | ||||
| CVE-2019-25643 | 1 Endonesia | 1 Endonesia | 2026-04-15 | 8.2 High |
| eNdonesia Portal v8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bid parameter. Attackers can send GET requests to banners.php with crafted SQL payloads in the bid parameter to extract sensitive database information from the INFORMATION_SCHEMA tables. | ||||