Export limit exceeded: 365174 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365174 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-57414 | 2 Quantumcloud, Wordpress | 2 Chatbot For Ecommerce – Woowbot, Wordpress | 2026-07-13 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud ChatBot for eCommerce – WoowBot woowbot-woocommerce-chatbot allows Stored XSS.This issue affects ChatBot for eCommerce – WoowBot: from n/a through <= 4.6.1. | ||||
| CVE-2026-57417 | 2 Rextheme, Wordpress | 2 Cart Lift, Wordpress | 2026-07-13 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RexTheme Cart Lift cart-lift allows Stored XSS.This issue affects Cart Lift: from n/a through <= 3.1.57. | ||||
| CVE-2026-57420 | 2 Netrr, Wordpress | 2 Author Box Wp Lens, Wordpress | 2026-07-13 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Netrr Author Box WP Lens author-box-for-divi allows Stored XSS.This issue affects Author Box WP Lens: from n/a through <= 2.1.5. | ||||
| CVE-2026-57424 | 2 Knitpay, Wordpress | 2 Razorpay Payment Links For Woocommerce, Wordpress | 2026-07-13 | 6.5 Medium |
| Missing Authorization vulnerability in knitpay Razorpay Payment Links for WooCommerce rzp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay Payment Links for WooCommerce: from n/a through <= 2.1.4. | ||||
| CVE-2026-57693 | 2 Spacetime, Wordpress | 2 Ad Inserter, Wordpress | 2026-07-13 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spacetime Ad Inserter ad-inserter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ad Inserter: from n/a through <= 2.8.11. | ||||
| CVE-2026-57695 | 2 Dan Rossiter, Wordpress | 2 Document Gallery, Wordpress | 2026-07-13 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan Rossiter Document Gallery document-gallery allows Reflected XSS.This issue affects Document Gallery: from n/a through <= 5.1.0. | ||||
| CVE-2026-57702 | 2 Melograno Venture Studio, Wordpress | 2 Amelia, Wordpress | 2026-07-13 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Melograno Venture Studio Amelia ameliabooking allows Blind SQL Injection.This issue affects Amelia: from n/a through <= 2.4.2. | ||||
| CVE-2026-57710 | 2 Quantumcloud, Wordpress | 2 Woowbot Pro Max, Wordpress | 2026-07-13 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in quantumcloud WoowBot Pro Max woowbot-pro-max allows Using Malicious Files.This issue affects WoowBot Pro Max: from n/a through <= 14.1.7. | ||||
| CVE-2026-57719 | 2 Coderevolution, Wordpress | 2 Aimogen Pro, Wordpress | 2026-07-13 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in CodeRevolution Aimogen Pro aimogen-pro allows Using Malicious Files.This issue affects Aimogen Pro: from n/a through <= 2.8.3. | ||||
| CVE-2026-57740 | 2 Acymailing Newsletter Team, Wordpress | 2 Acymailing Smtp Newsletter, Wordpress | 2026-07-13 | 7.1 High |
| Missing Authorization vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AcyMailing SMTP Newsletter: from n/a through <= 10.11.1. | ||||
| CVE-2026-57739 | 2 Acymailing Newsletter Team, Wordpress | 2 Acymailing Smtp Newsletter, Wordpress | 2026-07-13 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Blind SQL Injection.This issue affects AcyMailing SMTP Newsletter: from n/a through <= 10.11.0. | ||||
| CVE-2026-57741 | 2 Acymailing Newsletter Team, Wordpress | 2 Acymailing Smtp Newsletter, Wordpress | 2026-07-13 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Stored XSS.This issue affects AcyMailing SMTP Newsletter: from n/a through <= 10.11.0. | ||||
| CVE-2026-57768 | 2 Favethemes, Wordpress | 2 Houzez Login Register, Wordpress | 2026-07-13 | 8.2 High |
| Incorrect Privilege Assignment vulnerability in favethemes Houzez Login Register houzez-login-register allows Privilege Escalation.This issue affects Houzez Login Register: from n/a through <= 3.3.3. | ||||
| CVE-2026-57771 | 2 Milan Petrovic, Wordpress | 2 Gd Rating System, Wordpress | 2026-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Milan Petrovic GD Rating System gd-rating-system allows Blind SQL Injection.This issue affects GD Rating System: from n/a through <= 3.7. | ||||
| CVE-2026-57774 | 2 Vowelweb, Wordpress | 2 Vw Food Corner, Wordpress | 2026-07-13 | 5.3 Medium |
| Missing Authorization vulnerability in vowelweb VW Food Corner vw-food-corner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Food Corner: from n/a through <= 1.1.0. | ||||
| CVE-2026-57776 | 2 Vowelweb, Wordpress | 2 Vw Wedding, Wordpress | 2026-07-13 | 5.3 Medium |
| Missing Authorization vulnerability in vowelweb VW Wedding vw-wedding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Wedding: from n/a through <= 1.3.7. | ||||
| CVE-2026-57779 | 2 Themebeez, Wordpress | 2 Fascinate, Wordpress | 2026-07-13 | 5.3 Medium |
| Missing Authorization vulnerability in themebeez Fascinate fascinate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fascinate: from n/a through <= 1.1.5. | ||||
| CVE-2026-57780 | 2 Plugin Envision, Wordpress | 2 Envision Page Builder, Wordpress | 2026-07-13 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plugin Envision Envision Page Builder envision-page-builder allows DOM-Based XSS.This issue affects Envision Page Builder: from n/a through <= 0.22. | ||||
| CVE-2026-57781 | 2 Sovlix, Wordpress | 2 Meetinghub, Wordpress | 2026-07-13 | 5.3 Medium |
| Missing Authorization vulnerability in Sovlix MeetingHub meetinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MeetingHub: from n/a through <= 1.25.10. | ||||
| CVE-2026-57782 | 2 Presstigers, Wordpress | 2 Universal Clocks, Wordpress | 2026-07-13 | 5.3 Medium |
| Missing Authorization vulnerability in PressTigers Universal Clocks universal-clocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Universal Clocks: from n/a through <= 1.2.0. | ||||