Export limit exceeded: 343523 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343523 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39528 | 2 Wordpress, Wpdelicious | 2 Wordpress, Wp Delicious | 2026-04-08 | N/A |
| Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delicious: from n/a through <= 1.9.5. | ||||
| CVE-2026-39543 | 2 Themefic, Wordpress | 2 Tourfic, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: from n/a through <= 2.21.4. | ||||
| CVE-2026-39565 | 2026-04-08 | N/A | ||
| Missing Authorization vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpTravelly: from n/a through <= 2.1.7. | ||||
| CVE-2026-39566 | 2 Designinvento, Wordpress | 2 Directorypress, Wordpress | 2026-04-08 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through <= 3.6.26. | ||||
| CVE-2026-39569 | 2 Aa Web Servant, Wordpress | 2 12 Step Meeting List, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through <= 3.19.9. | ||||
| CVE-2026-39571 | 2 Themefic, Wordpress | 2 Instantio, Wordpress | 2026-04-08 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themefic Instantio instantio allows Retrieve Embedded Sensitive Data.This issue affects Instantio: from n/a through <= 3.3.30. | ||||
| CVE-2026-39575 | 2 Ronald Huereca, Wordpress | 2 Custom Query Blocks, Wordpress | 2026-04-08 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through <= 5.5.0. | ||||
| CVE-2026-39585 | 2 Arraytics, Wordpress | 2 Booktics, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Arraytics Booktics booktics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booktics: from n/a through <= 1.0.16. | ||||
| CVE-2026-39586 | 2 Ateeq Rafeeq, Wordpress | 2 Repairbuddy, Wordpress | 2026-04-08 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Retrieve Embedded Sensitive Data.This issue affects RepairBuddy: from n/a through <= 4.1132. | ||||
| CVE-2026-39605 | 2 Obadiah, Wordpress | 2 Super Custom Login, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through <= 1.1. | ||||
| CVE-2026-39606 | 2 Foysal Imran, Wordpress | 2 Bizreview, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through <= 1.5.13. | ||||
| CVE-2026-39607 | 2 Wordpress, Wpbens | 2 Wordpress, Filter Plus | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Wpbens Filter Plus filter-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter Plus: from n/a through <= 1.1.17. | ||||
| CVE-2026-32283 | 1 Go Standard Library | 1 Crypto Tls | 2026-04-08 | N/A |
| If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3. | ||||
| CVE-2026-39469 | 2 Softaculous, Wordpress | 2 Pagelayer, Wordpress | 2026-04-08 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from n/a through <= 2.0.8. | ||||
| CVE-2026-39476 | 2 Syed Balkhi, Wordpress | 2 User Feedback, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a through <= 1.10.1. | ||||
| CVE-2026-39477 | 2 Brainstormforce, Wordpress | 2 Cartflows, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Brainstorm Force CartFlows cartflows allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CartFlows: from n/a through <= 2.2.3. | ||||
| CVE-2026-39488 | 2 Surecart, Wordpress | 2 Surecart, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through <= 4.0.2. | ||||
| CVE-2026-39620 | 2 Priyanshumittal, Wordpress | 2 Appointment, Wordpress | 2026-04-08 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in priyanshumittal Appointment appointment allows Upload a Web Shell to a Web Server.This issue affects Appointment: from n/a through <= 3.5.5. | ||||
| CVE-2026-39505 | 2 Craig Hewitt, Wordpress | 2 Seriously Simple Podcasting, Wordpress | 2026-04-08 | N/A |
| Missing Authorization vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Seriously Simple Podcasting: from n/a through <= 3.14.2. | ||||
| CVE-2026-39626 | 2 Kutethemes, Wordpress | 2 Armania, Wordpress | 2026-04-08 | N/A |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Armania armania allows Code Injection.This issue affects Armania: from n/a through <= 1.4.8. | ||||