Export limit exceeded: 14083 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14083 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-57424 | 2 Knitpay, Wordpress | 2 Razorpay Payment Links For Woocommerce, Wordpress | 2026-07-13 | 6.5 Medium |
| Missing Authorization vulnerability in knitpay Razorpay Payment Links for WooCommerce rzp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay Payment Links for WooCommerce: from n/a through <= 2.1.4. | ||||
| CVE-2026-57739 | 2 Acymailing Newsletter Team, Wordpress | 2 Acymailing Smtp Newsletter, Wordpress | 2026-07-13 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Blind SQL Injection.This issue affects AcyMailing SMTP Newsletter: from n/a through <= 10.11.0. | ||||
| CVE-2026-57741 | 2 Acymailing Newsletter Team, Wordpress | 2 Acymailing Smtp Newsletter, Wordpress | 2026-07-13 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Stored XSS.This issue affects AcyMailing SMTP Newsletter: from n/a through <= 10.11.0. | ||||
| CVE-2026-57768 | 2 Favethemes, Wordpress | 2 Houzez Login Register, Wordpress | 2026-07-13 | 8.2 High |
| Incorrect Privilege Assignment vulnerability in favethemes Houzez Login Register houzez-login-register allows Privilege Escalation.This issue affects Houzez Login Register: from n/a through <= 3.3.3. | ||||
| CVE-2026-57743 | 2 Stmcan, Wordpress | 2 Rt-theme 18 | Extensions, Wordpress | 2026-07-13 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through <= 2.5. | ||||
| CVE-2026-57771 | 2 Milan Petrovic, Wordpress | 2 Gd Rating System, Wordpress | 2026-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Milan Petrovic GD Rating System gd-rating-system allows Blind SQL Injection.This issue affects GD Rating System: from n/a through <= 3.7. | ||||
| CVE-2026-57774 | 2 Vowelweb, Wordpress | 2 Vw Food Corner, Wordpress | 2026-07-13 | 5.3 Medium |
| Missing Authorization vulnerability in vowelweb VW Food Corner vw-food-corner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Food Corner: from n/a through <= 1.1.0. | ||||
| CVE-2026-57776 | 2 Vowelweb, Wordpress | 2 Vw Wedding, Wordpress | 2026-07-13 | 5.3 Medium |
| Missing Authorization vulnerability in vowelweb VW Wedding vw-wedding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Wedding: from n/a through <= 1.3.7. | ||||
| CVE-2026-57772 | 2 Wordpress, Wpinventory | 2 Wordpress, Wp Inventory Manager | 2026-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Inventory WP Inventory Manager wp-inventory-manager allows Blind SQL Injection.This issue affects WP Inventory Manager: from n/a through <= 2.4.0. | ||||
| CVE-2026-57779 | 2 Themebeez, Wordpress | 2 Fascinate, Wordpress | 2026-07-13 | 5.3 Medium |
| Missing Authorization vulnerability in themebeez Fascinate fascinate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fascinate: from n/a through <= 1.1.5. | ||||
| CVE-2026-57780 | 2 Plugin Envision, Wordpress | 2 Envision Page Builder, Wordpress | 2026-07-13 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plugin Envision Envision Page Builder envision-page-builder allows DOM-Based XSS.This issue affects Envision Page Builder: from n/a through <= 0.22. | ||||
| CVE-2026-57781 | 2 Sovlix, Wordpress | 2 Meetinghub, Wordpress | 2026-07-13 | 5.3 Medium |
| Missing Authorization vulnerability in Sovlix MeetingHub meetinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MeetingHub: from n/a through <= 1.25.10. | ||||
| CVE-2026-57782 | 2 Presstigers, Wordpress | 2 Universal Clocks, Wordpress | 2026-07-13 | 5.3 Medium |
| Missing Authorization vulnerability in PressTigers Universal Clocks universal-clocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Universal Clocks: from n/a through <= 1.2.0. | ||||
| CVE-2026-57795 | 2 Themelexus, Wordpress | 2 Kitchor, Wordpress | 2026-07-13 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themelexus Kitchor kitchor allows PHP Local File Inclusion.This issue affects Kitchor: from n/a through <= 1.4.3. | ||||
| CVE-2026-57796 | 2 Vlthemes, Wordpress | 2 Leedo, Wordpress | 2026-07-13 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in VLThemes Leedo leedo allows PHP Local File Inclusion.This issue affects Leedo: from n/a through <= 3.0.0. | ||||
| CVE-2026-57799 | 2 Uxper, Wordpress | 2 Nuss, Wordpress | 2026-07-13 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through <= 1.3.6. | ||||
| CVE-2026-57813 | 2 Properfraction, Wordpress | 2 Mailoptin, Wordpress | 2026-07-13 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in properfraction MailOptin mailoptin allows Privilege Escalation.This issue affects MailOptin: from n/a through <= 1.2.77.3. | ||||
| CVE-2026-61952 | 2 Jose Vega, Wordpress | 2 Woocommerce Bulk Edit Products – Wp Sheet Editor, Wordpress | 2026-07-13 | 4.9 Medium |
| Missing Authorization vulnerability in Jose Vega WooCommerce Bulk Edit Products – WP Sheet Editor woo-bulk-edit-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Bulk Edit Products – WP Sheet Editor: from n/a through <= 1.8.21. | ||||
| CVE-2026-61955 | 2 Hannan, Wordpress | 2 گرویتی فرم فارسی, Wordpress | 2026-07-13 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hannan گرویتی فرم فارسی persian-gravity-forms allows Blind SQL Injection.This issue affects گرویتی فرم فارسی: from n/a through <= 3.0.2. | ||||
| CVE-2026-61956 | 2 Hamsalam, Wordpress | 2 ووسلام – همگام سازی ووکامرس و باسلام, Wordpress | 2026-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in hamsalam ووسلام – همگام سازی ووکامرس و باسلام sync-basalam allows Cross Site Request Forgery.This issue affects ووسلام – همگام سازی ووکامرس و باسلام: from n/a through <= 1.9.1. | ||||