Export limit exceeded: 11174 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11174 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-32382 | 2 Raratheme, Wordpress | 2 Digital Download, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in raratheme Digital Download digital-download allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Digital Download: from n/a through <= 1.1.4. | ||||
| CVE-2026-32487 | 2 Rarathemes, Wordpress | 2 Lawyer Landing Page, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lawyer Landing Page: from n/a through <= 1.2.7. | ||||
| CVE-2026-32454 | 2 Theme-fusion, Wordpress | 2 Avada, Wordpress | 2026-03-16 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Avada Core fusion-core allows DOM-Based XSS.This issue affects Avada Core: from n/a through < 5.15.0. | ||||
| CVE-2026-32420 | 2 Ruben Garcia, Wordpress | 2 Gamipress, Wordpress | 2026-03-16 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garcia GamiPress gamipress allows Cross Site Request Forgery.This issue affects GamiPress: from n/a through <= 7.6.6. | ||||
| CVE-2026-32408 | 2 Themefusecom, Wordpress | 2 Brizy, Wordpress | 2026-03-16 | 4.3 Medium |
| Missing Authorization vulnerability in themefusecom Brizy brizy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy: from n/a through <= 2.7.23. | ||||
| CVE-2026-32396 | 2 Radiustheme, Wordpress | 2 Team, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13. | ||||
| CVE-2026-32388 | 2 Linethemes, Wordpress | 2 Glb, Wordpress | 2026-03-16 | 5.4 Medium |
| Missing Authorization vulnerability in linethemes GLB glb allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GLB: from n/a through <= 1.2.2. | ||||
| CVE-2026-32461 | 2 Really-simple-plugins, Wordpress | 2 Really Simple Ssl, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through <= 9.5.7. | ||||
| CVE-2026-32460 | 2 Themefic, Wordpress | 2 Ultimate Addons For Contact Form 7, Wordpress | 2026-03-16 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through <= 3.5.36. | ||||
| CVE-2026-32459 | 2 Flycart, Wordpress | 2 Upsellwp, Wordpress | 2026-03-16 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects UpsellWP: from n/a through <= 2.2.4. | ||||
| CVE-2026-32458 | 2 Realmag777, Wordpress | 2 Wolf, Wordpress | 2026-03-16 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 WOLF bulk-editor allows Blind SQL Injection.This issue affects WOLF: from n/a through <= 1.0.8.7. | ||||
| CVE-2026-32457 | 2 Wombat Plugins, Wordpress | 2 Advanced Product Fields Product Addons For Woocommerce, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in Wombat Plugins Advanced Product Fields (Product Addons) for WooCommerce advanced-product-fields-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Product Fields (Product Addons) for WooCommerce: from n/a through <= 1.6.18. | ||||
| CVE-2026-32456 | 2 Janis Elsts, Wordpress | 2 Admin Menu Editor, Wordpress | 2026-03-16 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through <= 1.14.1. | ||||
| CVE-2026-32455 | 2 Realmag777, Wordpress | 2 Mdtf, Wordpress | 2026-03-16 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows DOM-Based XSS.This issue affects MDTF: from n/a through <= 1.3.5. | ||||
| CVE-2026-32452 | 2 Themefusion, Wordpress | 2 Fusion Builder, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0. | ||||
| CVE-2026-32451 | 2 Themefusion, Wordpress | 2 Fusion Builder, Wordpress | 2026-03-16 | 6.3 Medium |
| Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0. | ||||
| CVE-2026-32448 | 2 Eric Teubert, Wordpress | 2 Podlove Podcast Publisher, Wordpress | 2026-03-16 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric Teubert Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress allows Stored XSS.This issue affects Podlove Podcast Publisher: from n/a through <= 4.3.3. | ||||
| CVE-2026-32445 | 2 Elementor, Wordpress | 2 Elementor Website Builder, Wordpress | 2026-03-16 | 2.7 Low |
| Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through <= 3.35.5. | ||||
| CVE-2026-32439 | 2 Webgeniuslab, Wordpress | 2 Bighearts, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in WebGeniusLab BigHearts bighearts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BigHearts: from n/a through <= 3.1.14. | ||||
| CVE-2026-32419 | 2 Fernandobriano, Wordpress | 2 List Category Posts, Wordpress | 2026-03-16 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fernando Briano List category posts list-category-posts allows DOM-Based XSS.This issue affects List category posts: from n/a through <= 0.93.1. | ||||