Export limit exceeded: 343506 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 343506 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343506 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39592 | 2 Andy Ha, Wordpress | 2 Depart, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Andy Ha DEPART depart-deposit-and-part-payment-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DEPART: from n/a through <= 1.0.7. | ||||
| CVE-2026-39631 | 2 Ronik@unlimitedwp, Wordpress | 2 Wpschoolpress, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Ronik@UnlimitedWP WPSchoolPress wpschoolpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through <= 2.2.35. | ||||
| CVE-2026-39603 | 2026-04-08 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through <= 5.7.8. | ||||
| CVE-2026-39632 | 2 Themegoods, Wordpress | 2 Grand Blog, Wordpress | 2026-04-08 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Blog grandblog allows Cross Site Request Forgery.This issue affects Grand Blog: from n/a through <= 3.1. | ||||
| CVE-2026-39633 | 2 Themegoods, Wordpress | 2 Grand Car Rental, Wordpress | 2026-04-08 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Car Rental grandcarrental allows Cross Site Request Forgery.This issue affects Grand Car Rental: from n/a through <= 3.6.9. | ||||
| CVE-2026-39634 | 2026-04-08 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Portfolio grandportfolio allows Cross Site Request Forgery.This issue affects Grand Portfolio: from n/a through <= 3.3. | ||||
| CVE-2026-39623 | 2 Kutethemes, Wordpress | 2 Biolife, Wordpress | 2026-04-08 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes Biolife biolife allows PHP Local File Inclusion.This issue affects Biolife: from n/a through <= 3.2.3. | ||||
| CVE-2026-39624 | 2 Kutethemes, Wordpress | 2 Biolife, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in kutethemes Biolife biolife allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Biolife: from n/a through <= 3.2.3. | ||||
| CVE-2026-39625 | 2 Kutethemes, Wordpress | 2 Techone, Wordpress | 2026-04-08 | N/A |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through <= 3.0.3. | ||||
| CVE-2026-39628 | 2 Kutethemes, Wordpress | 2 Dukamarket, Wordpress | 2026-04-08 | N/A |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through <= 1.3.0. | ||||
| CVE-2026-39635 | 2026-04-08 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n/a through <= 3.5.5. | ||||
| CVE-2026-39646 | 2 Bozdoz, Wordpress | 2 Leaflet Map, Wordpress | 2026-04-08 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bozdoz Leaflet Map leaflet-map allows Stored XSS.This issue affects Leaflet Map: from n/a through <= 3.4.4. | ||||
| CVE-2026-39651 | 2 Totalsuite, Wordpress | 2 Total Poll Lite, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through <= 4.12.0. | ||||
| CVE-2026-39650 | 2 Unitech Web, Wordpress | 2 Unitechpay, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Unitech Web UnitechPay unitechpay-paiements-mobile-money allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UnitechPay: from n/a through <= 1.0.2. | ||||
| CVE-2026-39657 | 2 Leadlovers, Wordpress | 2 Leadlovers Forms, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in leadlovers leadlovers forms leadlovers-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects leadlovers forms: from n/a through <= 1.0.2. | ||||
| CVE-2026-39654 | 2 Ashish Ajani, Wordpress | 2 Wp Simple Html Sitemap, Wordpress | 2026-04-08 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani WP Simple HTML Sitemap wp-simple-html-sitemap allows DOM-Based XSS.This issue affects WP Simple HTML Sitemap: from n/a through <= 3.8. | ||||
| CVE-2026-39656 | 2 Razorpay, Wordpress | 2 Razorpay For Woocommerce, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through <= 4.8.2. | ||||
| CVE-2026-39663 | 2 Themetechmount, Wordpress | 2 Truebooker, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.5. | ||||
| CVE-2026-39666 | 2 Telepathy, Wordpress | 2 Hello Bar Popup Builder, Wordpress | 2026-04-08 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through <= 1.5.1. | ||||
| CVE-2026-39667 | 2 Jongmyoung Kim, Wordpress | 2 Korea Sns, Wordpress | 2026-04-08 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jongmyoung Kim Korea SNS korea-sns allows DOM-Based XSS.This issue affects Korea SNS: from n/a through <= 1.7.0. | ||||