Export limit exceeded: 338365 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (338365 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-32381 | 2 Raratheme, Wordpress | 2 App Landing Page, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in raratheme App Landing Page app-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Landing Page: from n/a through <= 1.2.2. | ||||
| CVE-2026-32382 | 2 Raratheme, Wordpress | 2 Digital Download, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in raratheme Digital Download digital-download allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Digital Download: from n/a through <= 1.1.4. | ||||
| CVE-2026-32386 | 2 Envothemes, Wordpress | 2 Envo Extra, Wordpress | 2026-03-16 | 5.4 Medium |
| Missing Authorization vulnerability in EnvoThemes Envo Extra envo-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Extra: from n/a through <= 1.9.13. | ||||
| CVE-2026-32391 | 2 Linethemes, Wordpress | 2 Smartfix, Wordpress | 2026-03-16 | 5.4 Medium |
| Missing Authorization vulnerability in linethemes SmartFix smartfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SmartFix: from n/a through < 1.2.4. | ||||
| CVE-2026-32395 | 2 Wordpress, Xpro | 2 Wordpress, Xpro Addons For Beaver Builder – Lite | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through <= 1.5.6. | ||||
| CVE-2026-32396 | 2 Radiustheme, Wordpress | 2 Team, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13. | ||||
| CVE-2026-32397 | 2 Wordpress, Ymc-22 | 2 Wordpress, Filter & Grids | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in YMC Filter & Grids ymc-smart-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter & Grids: from n/a through <= 3.5.1. | ||||
| CVE-2026-32399 | 2 Davidlingren, Wordpress | 2 Media Library Assistant, Wordpress | 2026-03-16 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Blind SQL Injection.This issue affects Media LIbrary Assistant: from n/a through <= 3.32. | ||||
| CVE-2026-32404 | 2 Studio99, Wordpress | 2 Studio99 Wp Monitor, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in Studio99 Studio99 WP Monitor studio99-wp-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Studio99 WP Monitor: from n/a through <= 1.0.3. | ||||
| CVE-2026-32407 | 2 Wordpress, Wpclever | 2 Wordpress, Wpc Smart Wishlist For Woocommerce | 2026-03-16 | 4.3 Medium |
| Missing Authorization vulnerability in WPClever WPC Smart Wishlist for WooCommerce woo-smart-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Smart Wishlist for WooCommerce: from n/a through <= 5.0.8. | ||||
| CVE-2026-32424 | 2 Boldgrid, Wordpress | 2 Sprout Clients, Wordpress | 2026-03-16 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Sprout Clients sprout-clients allows Stored XSS.This issue affects Sprout Clients: from n/a through <= 3.2.2. | ||||
| CVE-2026-32429 | 2 Noor Alam, Wordpress | 2 Magical Addons For Elementor, Wordpress | 2026-03-16 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through <= 1.4.1. | ||||
| CVE-2026-32431 | 2 Brainstorm Force, Wordpress | 2 Astra Bulk Edit, Wordpress | 2026-03-16 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra Bulk Edit astra-bulk-edit allows DOM-Based XSS.This issue affects Astra Bulk Edit: from n/a through <= 1.2.10. | ||||
| CVE-2026-32433 | 2 Codepeople, Wordpress | 2 Cp Contact Form With Paypal, Wordpress | 2026-03-16 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in codepeople CP Contact Form with Paypal cp-contact-form-with-paypal allows Blind SQL Injection.This issue affects CP Contact Form with Paypal: from n/a through <= 1.3.61. | ||||
| CVE-2026-32436 | 2 Vowelweb, Wordpress | 2 Vw Photography, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in vowelweb VW Photography vw-photography allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Photography: from n/a through <= 1.3.8. | ||||
| CVE-2026-32437 | 2 Vowelweb, Wordpress | 2 Vw Portfolio, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in vowelweb VW Portfolio vw-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Portfolio: from n/a through <= 1.3.3. | ||||
| CVE-2026-32438 | 2 Vowelweb, Wordpress | 2 Vw School Education, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in vowelweb VW School Education vw-school-education allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW School Education: from n/a through <= 1.4.6. | ||||
| CVE-2026-32439 | 2 Webgeniuslab, Wordpress | 2 Bighearts, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in WebGeniusLab BigHearts bighearts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BigHearts: from n/a through <= 3.1.14. | ||||
| CVE-2026-32442 | 2 E2pdf, Wordpress | 2 E2pdf, Wordpress | 2026-03-16 | 4.3 Medium |
| Missing Authorization vulnerability in E2Pdf e2pdf e2pdf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects e2pdf: from n/a through <= 1.28.15. | ||||
| CVE-2026-32443 | 2 Josh Kohlbach, Wordpress | 2 Product Feed Pro For Woocommerce, Wordpress | 2026-03-16 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Josh Kohlbach Product Feed PRO for WooCommerce woo-product-feed-pro allows Cross Site Request Forgery.This issue affects Product Feed PRO for WooCommerce: from n/a through <= 13.5.2. | ||||