Export limit exceeded: 26235 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (26235 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49284 | 1 Bogdanfix | 1 Wp Sendfox | 2026-04-23 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BogdanFix WP SendFox wp-sendfox allows Retrieve Embedded Sensitive Data.This issue affects WP SendFox: from n/a through <= 1.3.1. | ||||
| CVE-2024-47344 | 1 Stylemixthemes | 1 Ulisting | 2026-04-23 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Stylemix uListing ulisting.This issue affects uListing: from n/a through <= 2.1.5. | ||||
| CVE-2024-43283 | 1 Contest-gallery | 1 Contest Gallery | 2026-04-23 | 5.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 23.1.2. | ||||
| CVE-2024-43264 | 1 Mediavine | 1 Create | 2026-04-23 | 5.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in mischiefmarmot Create by Mediavine mediavine-create.This issue affects Create by Mediavine: from n/a through <= 1.9.8. | ||||
| CVE-2024-43259 | 2 Jem-products, Jem Plugins | 2 Order Export For Woocommerce, Order Expert For Woocommerce | 2026-04-23 | 5.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in WebFactory Order Export for WooCommerce order-export-and-more-for-woocommerce.This issue affects Order Export for WooCommerce: from n/a through <= 3.23. | ||||
| CVE-2024-43237 | 1 Taxopress | 1 Taxopress | 2026-04-23 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Steve Burge WordPress Tag Cloud Plugin – Tag Groups tag-groups.This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through <= 2.0.3. | ||||
| CVE-2024-43230 | 2 Sharedfilespro, Tammersoft | 2 Shared Files, Shared Files | 2026-04-23 | 5.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through <= 1.7.28. | ||||
| CVE-2024-38787 | 1 Codection | 1 Import And Export Users And Customers | 2026-04-23 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through <= 1.26.8. | ||||
| CVE-2024-34812 | 2026-04-23 | 5.3 Medium | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through <= 2.1.8. | ||||
| CVE-2024-32825 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in Simply Static Simply Static simply-static.This issue affects Simply Static: from n/a through <= 3.1.3. | ||||
| CVE-2024-32796 | 2026-04-23 | 4.3 Medium | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in Jack Arturo WP Fusion Lite wp-fusion-lite allows Retrieve Embedded Sensitive Data.This issue affects WP Fusion Lite: from n/a through <= 3.42.10. | ||||
| CVE-2024-32782 | 1 Hasthemes | 1 Ht Mega | 2026-04-23 | 4.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through <= 2.4.7. | ||||
| CVE-2024-23506 | 1 Instawp | 1 Instawp Connect | 2026-04-23 | 7.7 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.9. | ||||
| CVE-2024-1435 | 1 Tainacan | 1 Tainacan | 2026-04-23 | 5.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in tainacan Tainacan tainacan.This issue affects Tainacan: from n/a through <= 0.20.6. | ||||
| CVE-2026-34269 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2026-04-23 | 6.1 Medium |
| Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). | ||||
| CVE-2026-5752 | 1 Cohere | 1 Cohere-terrarium | 2026-04-23 | 9.3 Critical |
| Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal. | ||||
| CVE-2023-5831 | 1 Gitlab | 1 Gitlab | 2026-04-23 | 3.7 Low |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, and all versions starting from 16.5.0 before 16.5.1 which have the `super_sidebar_logged_out` feature flag enabled. Affected versions with this default-disabled feature flag enabled may unintentionally disclose GitLab version metadata to unauthorized actors. | ||||
| CVE-2007-4570 | 1 Redhat | 2 Enterprise Linux, Mcstrans | 2026-04-23 | N/A |
| Algorithmic complexity vulnerability in the MCS translation daemon in mcstrans 0.2.3 allows local users to cause a denial of service (temporary daemon outage) via a large range of compartments in sensitivity labels. | ||||
| CVE-2006-5938 | 1 Grisoft | 1 Avg Antivirus | 2026-04-23 | N/A |
| Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a crafted CAB file. | ||||
| CVE-2006-5793 | 2 Greg Roelofs, Redhat | 2 Libpng, Enterprise Linux | 2026-04-23 | N/A |
| The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read. | ||||