Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7401 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-32798 1 Wordpress 1 Wordpress 2025-07-13 5.3 Medium
Missing Authorization vulnerability in 10up Simple Page Ordering allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Page Ordering: from n/a through 2.5.0.
CVE-2023-46608 2 Wordpress, Wpdo 2 Wordpress, Dologin Security 2025-07-13 5.3 Medium
Missing Authorization vulnerability in WPDO DoLogin Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DoLogin Security: from n/a through 3.7.1.
CVE-2024-32432 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in Ovic Team Ovic Addon Toolkit.This issue affects Ovic Addon Toolkit: from n/a through 2.6.1.
CVE-2023-35875 2 Jegstudio, Wordpress 2 Gutenverse, Wordpress 2025-07-13 5.3 Medium
Missing Authorization vulnerability in Jegstudio Gutenverse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse: from n/a through 1.8.5.
CVE-2023-32593 1 Wordpress 1 Wordpress 2025-07-13 5.4 Medium
Missing Authorization vulnerability in GS Plugins GS Pins for Pinterest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Pins for Pinterest: from n/a through 1.6.7.
CVE-2024-13686 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vw_storefront_reset_all_settings() function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset the themes settings.
CVE-2023-47793 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in acmethemes Acme Fix Images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Acme Fix Images: from n/a through 1.0.0.
CVE-2024-13811 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
The Lafka - Multi Store Burger - Pizza & Food Delivery WooCommerce Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'lafka_import_lafka' AJAX actions in all versions up to, and including, 4.5.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import demo data that overrides the site.
CVE-2023-32520 2 Webcodin, Wordpress 2 Wcp Contact Form, Wordpress 2025-07-13 7.5 High
Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0.
CVE-2024-35663 1 Wordpress 1 Wordpress 2025-07-13 5.4 Medium
Missing Authorization vulnerability in HahnCreativeGroup WP Translate.This issue affects WP Translate: from n/a through 5.3.0.
CVE-2023-49849 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in Aakash Chakravarthy Shortcoder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcoder: from n/a through 6.3.
CVE-2024-37203 2 Laybuy, Wordpress 2 Laybuy Payment Extension For Woocommerce, Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in Laybuy Laybuy Payment Extension for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Laybuy Payment Extension for WooCommerce: from n/a through 5.3.9.
CVE-2024-32518 1 Wordpress 1 Wordpress 2025-07-13 5.3 Medium
Missing Authorization vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.0.
CVE-2024-33938 1 Wordpress 1 Wordpress 2025-07-13 6.5 Medium
Missing Authorization vulnerability in codename065 Sliding Widgets allows Cross-Site Scripting (XSS).This issue affects Sliding Widgets: from n/a through 1.5.0.
CVE-2023-51526 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in Brett Shumaker Simple Staff List.This issue affects Simple Staff List: from n/a through 2.2.4.
CVE-2023-26521 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in CodePeople Search in Place allows Functionality Misuse.This issue affects Search in Place: from n/a through 1.0.104.
CVE-2024-13717 2 Vcita, Wordpress 2 Contact Form And Calls To Action By Vcita, Wordpress 2025-07-13 4.3 Medium
The Contact Form and Calls To Action by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_ajax_toggle_ae and vcita_ajax_toggle_contact functions in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to enabled and disable widgets.
CVE-2023-46082 1 Wordpress 1 Wordpress 2025-07-13 5.3 Medium
Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Checker | Finder: from n/a through 2.4.2.
CVE-2023-28990 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in HashThemes Viral Mag allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Mag: from n/a through 1.0.9.
CVE-2023-47778 1 Wordpress 1 Wordpress 2025-07-13 4.3 Medium
Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LuckyWP Scripts Control: from n/a through 1.2.1.