Export limit exceeded: 347031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347031 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-49823 | 1 Bold-themes | 1 Bold Page Builder | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.6.1. | ||||
| CVE-2023-49820 | 1 Wpsc-plugin | 1 Structured Content | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3. | ||||
| CVE-2023-49821 | 1 Livechat | 1 Livechat | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in LiveChat LiveChat – WP live chat plugin for WordPress.This issue affects LiveChat – WP live chat plugin for WordPress: from n/a through 4.5.15. | ||||
| CVE-2023-49815 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in WappPress Team WappPress.This issue affects WappPress: from n/a through 5.0.3. | ||||
| CVE-2023-49816 | 1 Whereyoursolutionis | 1 Fix My Feed Rss Repair | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Innovative Solutions Fix My Feed RSS Repair.This issue affects Fix My Feed RSS Repair: from n/a through 1.4. | ||||
| CVE-2023-49817 | 1 Woocommerce | 1 Checkout Field Editor | 2026-04-28 | 8.2 High |
| Missing Authorization vulnerability in heoLixfy Flexible Woocommerce Checkout Field Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flexible Woocommerce Checkout Field Editor: from n/a through 2.0.1. | ||||
| CVE-2023-49813 | 1 Wppa | 1 Wp Photo Album Plus | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005. | ||||
| CVE-2023-49819 | 1 Wpsc-plugin | 1 Structured Content | 2026-04-28 | 7.5 High |
| Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3. | ||||
| CVE-2023-49777 | 1 Yithemes | 1 Yith Woocommerce Product Add-ons | 2026-04-28 | 9.1 Critical |
| Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.3.0. | ||||
| CVE-2023-49818 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.3 Medium |
| Missing Authorization vulnerability in Webflow Webflow Pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webflow Pages: from n/a through 1.0.8. | ||||
| CVE-2023-49812 | 1 Wppa | 1 Wp Photo Album Plus | 2026-04-28 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005. | ||||
| CVE-2023-49814 | 1 Symbiostock | 1 Symbiostock | 2026-04-28 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Symbiostock symbiostock.This issue affects Symbiostock: from n/a through 6.0.0. | ||||
| CVE-2023-49771 | 1 Petersplugins | 1 Link Log | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Reflected XSS.This issue affects Smart External Link Click Monitor [Link Log]: from n/a through 5.0.2. | ||||
| CVE-2023-49772 | 1 Phpbits | 1 Genesis Simple Love | 2026-04-28 | 10 Critical |
| Deserialization of Untrusted Data vulnerability in Phpbits Creative Studio Genesis Simple Love.This issue affects Genesis Simple Love: from n/a through 2.0. | ||||
| CVE-2023-49778 | 1 Dmry | 1 Sayfa Sayac | 2026-04-28 | 10 Critical |
| Deserialization of Untrusted Data vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6. | ||||
| CVE-2023-49775 | 1 Deniskobozev | 1 Csv Importer | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Denis Kobozev CSV Importer.This issue affects CSV Importer: from n/a through 0.3.8. | ||||
| CVE-2023-49773 | 1 Bcorp Shortcodes Project | 1 Bcorp Shortcodes | 2026-04-28 | 10 Critical |
| Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23. | ||||
| CVE-2023-49776 | 1 Dmry | 1 Sayfa Sayac | 2026-04-28 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6. | ||||
| CVE-2023-49768 | 2026-04-28 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Stored XSS.This issue affects WP-FormAssembly: from n/a through 2.0.10. | ||||
| CVE-2023-49770 | 1 Petersplugins | 1 Smart External Link Click Monitor \[link Log\] | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Stored XSS.This issue affects Smart External Link Click Monitor [Link Log]: from n/a through 5.0.2. | ||||