Export limit exceeded: 341258 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341258 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341258 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-25430 | 2 Crm Perks, Wordpress | 2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-03-30 | 6.5 Medium |
| Missing Authorization vulnerability in CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms cf7-mailchimp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through <= 1.2.2. | ||||
| CVE-2026-32510 | 2 Edge-themes, Wordpress | 2 Kamperen, Wordpress | 2026-03-30 | 5.4 Medium |
| Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects Kamperen: from n/a through < 1.3. | ||||
| CVE-2026-25357 | 2 Azzaroco, Wordpress | 2 Ultimate Membership Pro, Wordpress | 2026-03-30 | 8.1 High |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through <= 13.7. | ||||
| CVE-2026-25344 | 2 Radiustheme, Wordpress | 2 Review Schema, Wordpress | 2026-03-30 | 6.5 Medium |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.This issue affects Review Schema: from n/a through <= 2.2.6. | ||||
| CVE-2026-32516 | 2 Kamleshyadav, Wordpress | 2 Miraculous Core Plugin, Wordpress | 2026-03-30 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Blind SQL Injection.This issue affects Miraculous Core Plugin: from n/a through < 2.1.2. | ||||
| CVE-2026-27073 | 2 Addi, Wordpress | 2 Addi – Cuotas Que Se Adaptan A Ti, Wordpress | 2026-03-30 | 7.5 High |
| Use of Hard-coded Credentials vulnerability in Addi Addi – Cuotas que se adaptan a ti buy-now-pay-later-addi allows Password Recovery Exploitation.This issue affects Addi – Cuotas que se adaptan a ti: from n/a through <= 2.0.4. | ||||
| CVE-2026-27081 | 2 Mikado-themes, Wordpress | 2 Rosebud, Wordpress | 2026-03-30 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Rosebud rosebud allows PHP Local File Inclusion.This issue affects Rosebud: from n/a through <= 1.4. | ||||
| CVE-2026-32485 | 2 Wedevs, Wordpress | 2 Wp User Frontend, Wordpress | 2026-03-30 | 7.5 High |
| Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through <= 4.2.8. | ||||
| CVE-2026-32501 | 2 Wordpress, Wp-configurator | 2 Wordpress, Wp Configurator Pro | 2026-03-30 | 7.1 High |
| Missing Authorization vulnerability in wp-configurator WP Configurator Pro wp-configurator-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Configurator Pro: from n/a through <= 3.7.9. | ||||
| CVE-2026-24977 | 2 Nootheme, Wordpress | 2 Organici Library, Wordpress | 2026-03-30 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NooTheme Organici Library noo-organici-library allows Blind SQL Injection.This issue affects Organici Library: from n/a through <= 2.1.2. | ||||
| CVE-2026-25457 | 2 Select-themes, Wordpress | 2 Mixtape, Wordpress | 2026-03-30 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Mixtape mixtape allows PHP Local File Inclusion.This issue affects Mixtape: from n/a through <= 2.1. | ||||
| CVE-2026-27048 | 2 Elated-themes, Wordpress | 2 The Aisle Core, Wordpress | 2026-03-30 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes The Aisle Core theaisle-core allows PHP Local File Inclusion.This issue affects The Aisle Core: from n/a through <= 2.0.5. | ||||
| CVE-2026-32524 | 2 Jordy Meow, Wordpress | 2 Photo Engine, Wordpress | 2026-03-30 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through <= 6.4.9. | ||||
| CVE-2026-25317 | 2 Tychesoftwares, Wordpress | 2 Print Invoice & Delivery Notes For Woocommerce, Wordpress | 2026-03-30 | 7.5 High |
| Missing Authorization vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerce woocommerce-delivery-notes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through <= 5.9.0. | ||||
| CVE-2026-25456 | 2 Aarsiv Groups, Wordpress | 2 Automated Fedex Live/manual Rates With Shipping Labels, Wordpress | 2026-03-30 | 7.5 High |
| Missing Authorization vulnerability in Aarsiv Groups Automated FedEx live/manual rates with shipping labels a2z-fedex-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automated FedEx live/manual rates with shipping labels: from n/a through <= 5.1.8. | ||||
| CVE-2026-27071 | 2 Arraytics, Wordpress | 2 Wpcafe, Wordpress | 2026-03-30 | 9.1 Critical |
| Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through <= 3.0.7. | ||||
| CVE-2026-32488 | 2 Wordpress, Wpeverest | 2 Wordpress, User Registration | 2026-03-30 | 8.1 High |
| Incorrect Privilege Assignment vulnerability in wpeverest User Registration user-registration allows Privilege Escalation.This issue affects User Registration: from n/a through <= 4.4.9. | ||||
| CVE-2026-32498 | 2 Metagauss, Wordpress | 2 Registrationmagic, Wordpress | 2026-03-30 | 7.5 High |
| Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through <= 6.0.7.6. | ||||
| CVE-2026-24971 | 2 Elated-themes, Wordpress | 2 Search And Go Theme, Wordpress | 2026-03-30 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in Elated-Themes Search & Go searchgo allows Privilege Escalation.This issue affects Search & Go: from n/a through <= 2.8. | ||||
| CVE-2026-25390 | 2 Saad Iqbal, Wordpress | 2 New User Approve, Wordpress | 2026-03-30 | 6.5 Medium |
| Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through <= 3.2.3. | ||||