Export limit exceeded: 11723 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11723 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39469 | 2 Softaculous, Wordpress | 2 Pagelayer, Wordpress | 2026-04-08 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from n/a through <= 2.0.8. | ||||
| CVE-2026-39473 | 2 Pär Thernström, Wordpress | 2 Simple History, Wordpress | 2026-04-08 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in Pär Thernström Simple History simple-history allows Retrieve Embedded Sensitive Data.This issue affects Simple History: from n/a through <= 5.24.0. | ||||
| CVE-2026-39475 | 2 Syed Balkhi, Wordpress | 2 User Feedback, Wordpress | 2026-04-08 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through <= 1.10.1. | ||||
| CVE-2026-39516 | 2 Posimyth, Wordpress | 2 Nexter Blocks, Wordpress | 2026-04-08 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through <= 4.7.0. | ||||
| CVE-2026-39526 | 2 Wordpress, Wpstream | 2 Wordpress, Wpstream | 2026-04-08 | N/A |
| Authorization Bypass Through User-Controlled Key vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through < 4.11.2. | ||||
| CVE-2026-39542 | 2 Doofinder, Wordpress | 2 Doofinder For Woocommerce, Wordpress | 2026-04-08 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in Doofinder Doofinder for WooCommerce doofinder-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Doofinder for WooCommerce: from n/a through <= 2.10.13. | ||||
| CVE-2026-39563 | 2 Illid, Wordpress | 2 Share This Image, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share This Image: from n/a through <= 2.12. | ||||
| CVE-2026-39566 | 2 Designinvento, Wordpress | 2 Directorypress, Wordpress | 2026-04-08 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through <= 3.6.26. | ||||
| CVE-2026-39585 | 2 Arraytics, Wordpress | 2 Booktics, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Arraytics Booktics booktics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booktics: from n/a through <= 1.0.16. | ||||
| CVE-2026-39602 | 2 Rustaurius, Wordpress | 2 Order Tracking, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through <= 3.4.3. | ||||
| CVE-2026-39604 | 2 Wordpress, Zookatron | 2 Wordpress, Mybooktable Bookstore | 2026-04-08 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zookatron MyBookTable Bookstore mybooktable allows Stored XSS.This issue affects MyBookTable Bookstore: from n/a through <= 3.6.0. | ||||
| CVE-2026-39605 | 2 Obadiah, Wordpress | 2 Super Custom Login, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through <= 1.1. | ||||
| CVE-2026-39606 | 2 Foysal Imran, Wordpress | 2 Bizreview, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through <= 1.5.13. | ||||
| CVE-2026-39611 | 2 Kutethemes, Wordpress | 2 Kuteshop, Wordpress | 2026-04-08 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes KuteShop kuteshop allows PHP Local File Inclusion.This issue affects KuteShop: from n/a through <= 4.2.9. | ||||
| CVE-2026-39612 | 2 Kutethemes, Wordpress | 2 Kuteshop, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KuteShop: from n/a through <= 4.2.9. | ||||
| CVE-2026-39614 | 2 Ilghera, Wordpress | 2 Jw Player For Wordpress, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in ilGhera JW Player for WordPress jw-player-7-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JW Player for WordPress: from n/a through <= 2.3.6. | ||||
| CVE-2026-39616 | 2 Dfactory, Wordpress | 2 Download Attachments, Wordpress | 2026-04-08 | N/A |
| Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments download-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Attachments: from n/a through <= 1.4.0. | ||||
| CVE-2026-39621 | 2 Spicethemes, Wordpress | 2 Spicepress, Wordpress | 2026-04-08 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in spicethemes SpicePress spicepress allows Upload a Web Shell to a Web Server.This issue affects SpicePress: from n/a through <= 2.3.2.5. | ||||
| CVE-2026-39622 | 2 Acmethemes, Wordpress | 2 Education Base, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in acmethemes Education Base education-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Base: from n/a through <= 3.0.8. | ||||
| CVE-2026-39624 | 2 Kutethemes, Wordpress | 2 Biolife, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in kutethemes Biolife biolife allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Biolife: from n/a through <= 3.2.3. | ||||