Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (12196 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-47187 1 Wordpress 1 Wordpress 2026-04-29 5.4 Medium
Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words css3-rotating-words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rotating Words: from n/a through <= 5.4.
CVE-2023-47179 2 Byconsole, Wordpress 2 Wooodt Lite, Wordpress 2026-04-29 8.8 High
Missing Authorization vulnerability in mdalabar WooODT Lite byconsole-woo-order-delivery-time allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooODT Lite: from n/a through <= 2.4.6.
CVE-2023-46610 1 Wordpress 1 Wordpress 2026-04-29 6.5 Medium
Missing Authorization vulnerability in Mohamed Magdy Quill Forms quillforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quill Forms: from n/a through <= 3.3.0.
CVE-2023-46612 1 Wordpress 1 Wordpress 2026-04-29 4.3 Medium
Missing Authorization vulnerability in codedraft Mediabay mediabay-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mediabay: from n/a through <= 1.6.
CVE-2023-46606 1 Wordpress 1 Wordpress 2026-04-29 5.3 Medium
Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through <= 1.1.4.
CVE-2023-46608 2 Wordpress, Wpdo 2 Wordpress, Dologin Security 2026-04-29 5.3 Medium
Missing Authorization vulnerability in WPDO DoLogin Security dologin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DoLogin Security: from n/a through <= 3.7.1.
CVE-2023-46609 1 Wordpress 1 Wordpress 2026-04-29 6.5 Medium
Missing Authorization vulnerability in FeedFocal FeedFocal feedfocal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FeedFocal: from n/a through <= 1.2.2.
CVE-2023-44147 1 Wordpress 1 Wordpress 2026-04-29 5.3 Medium
Missing Authorization vulnerability in apasionados Comment Blacklist Updater comment-blacklist-updater allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comment Blacklist Updater: from n/a through <= 1.1.0.
CVE-2023-46082 1 Wordpress 1 Wordpress 2026-04-29 5.3 Medium
Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder broken-link-finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Checker | Finder: from n/a through <= 2.4.2.
CVE-2023-44142 1 Wordpress 1 Wordpress 2026-04-29 5.4 Medium
Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: from n/a through <= 3.2.2.
CVE-2023-45104 2 Wordpress, Wpdeveloper 2 Wordpress, Betterlinks 2026-04-29 7.3 High
Missing Authorization vulnerability in WPDeveloper BetterLinks betterlinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through <= 1.6.0.
CVE-2023-33215 2 Taggbox, Wordpress 2 Taggbox, Wordpress 2026-04-29 5.4 Medium
Missing Authorization vulnerability in Taggbox Taggbox taggbox-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Taggbox: from n/a through <= 3.3.
CVE-2026-5306 2 Checkmail, Wordpress 2 Check And Log Email, Wordpress 2026-04-29 5.4 Medium
The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled
CVE-2025-12820 1 Wordpress 1 Wordpress 2026-04-28 5.3 Medium
The Pure WC Variation Swatches WordPress plugin through 1.1.7 does not have an authorization check when updating its settings, which could allow any authenticated users to update them.
CVE-2025-62958 1 Wordpress 1 Wordpress 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Clifton Griffin Simple Content Templates for Blog Posts & Pages simple-post-template allows Cross Site Request Forgery.This issue affects Simple Content Templates for Blog Posts & Pages: from n/a through <= 2.2.61.
CVE-2026-28080 2 Rank Math Seo, Wordpress 2 Rank Math Seo, Wordpress 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Rank Math Rank Math SEO PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rank Math SEO PRO: from n/a through 3.0.95.
CVE-2026-28073 2 Tipsandtricks-hq, Wordpress 2 Wp Emember, Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tips and Tricks HQ WP eMember allows Reflected XSS.This issue affects WP eMember: from n/a through v10.2.2.
CVE-2026-28070 2 Tipsandtricks-hq, Wordpress 2 Wp Emember, Wordpress 2026-04-28 5.3 Medium
Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2.
CVE-2026-28044 2 Wordpress, Wp Media 2 Wordpress, Wp Rocket 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Media WP Rocket allows Stored XSS.This issue affects WP Rocket: from n/a through 3.19.4.
CVE-2026-27413 2 Cozmoslabs, Wordpress 2 Profile Builder, Wordpress 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozmoslabs Profile Builder Pro allows Blind SQL Injection.This issue affects Profile Builder Pro: from n/a before 3.14.0.