Export limit exceeded: 13704 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (13704 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-32729 2 Quantumcloud, Wordpress 2 Conversational Forms For Chatbot, Wordpress 2026-06-17 7.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal. This issue affects Conversational Forms for ChatBot: from n/a through 1.1.8.
CVE-2026-40723 2 Bricks, Wordpress 2 Bricks Builder, Wordpress 2026-06-17 4.3 Medium
Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions.
CVE-2026-49071 2 Opmc, Wordpress 2 Woocommerce Dropshipping, Wordpress 2026-06-17 6.5 Medium
Unauthenticated Broken Authentication in WooCommerce Dropshipping <= 5.2.4 versions.
CVE-2026-24575 2 Wishlist Member, Wordpress 2 Wishlist Member X, Wordpress 2026-06-17 4.3 Medium
Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
CVE-2026-39597 2 Wordpress, Wpzoom 2 Wordpress, Wpzoom Addons For Elementor 2026-06-17 7.1 High
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
CVE-2025-49403 2 Aa-team, Wordpress 2 Premium Age Verification Restriction For Wordpress, Wordpress 2026-06-17 7.5 High
Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress <= 3.0.2 versions.
CVE-2026-39546 2 Techspawn, Wordpress 2 Multiloca, Wordpress 2026-06-17 7.6 High
Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
CVE-2026-54192 2 Ays-pro, Wordpress 2 Popup Box, Wordpress 2026-06-17 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Popup box <= 6.2.9 versions.
CVE-2026-54195 2 Jetmonsters, Wordpress 2 Jetformbuilder, Wordpress 2026-06-17 7.1 High
Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions.
CVE-2026-54196 2 Jetmonsters, Wordpress 2 Jetformbuilder, Wordpress 2026-06-17 6.8 Medium
Subscriber Privilege Escalation in JetFormBuilder <= 3.6.1 versions.
CVE-2026-54806 2 Melapress, Wordpress 2 Wp Activity Log, Wordpress 2026-06-17 9.8 Critical
Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions.
CVE-2024-32949 2 Prince, Wordpress 2 Integrate Google Drive, Wordpress 2026-06-17 8.3 High
Missing Authorization vulnerability in Prince Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Integrate Google Drive: from n/a through 1.3.8.
CVE-2024-33909 2 Avirtum, Wordpress 2 Ipages Flipbook, Wordpress 2026-06-17 5.3 Medium
Missing Authorization vulnerability in Avirtum iPages Flipbook allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects iPages Flipbook: from n/a through 1.5.1.
CVE-2024-35690 2 Marketingfire, Wordpress 2 Widget-options, Wordpress 2026-06-17 6.5 Medium
Insertion of sensitive information into sent data vulnerability in MarketingFire Widget Options allows Retrieve Embedded Sensitive Data. This issue affects Widget Options: from n/a through 4.0.1.
CVE-2026-48967 2 Dylan Kuhn, Wordpress 2 Geo Mashup, Wordpress 2026-06-17 8.5 High
Subscriber SQL Injection in Geo Mashup <= 1.13.19 versions.
CVE-2026-25439 2 Fs-code, Wordpress 2 Booknetic, Wordpress 2026-06-17 8.1 High
Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions.
CVE-2026-49107 2 Thrivethemes, Wordpress 2 Thrive Apprentice, Wordpress 2026-06-17 9.8 Critical
Unauthenticated PHP Object Injection in Thrive Apprentice < 10.8.10.2 versions.
CVE-2026-49767 2 Tomdever, Wordpress 2 Wpforo Forum, Wordpress 2026-06-17 9.8 Critical
Unauthenticated Broken Authentication in wpForo Forum <= 3.1.0 versions.
CVE-2026-39537 2 Mikado-themes, Wordpress 2 Mikado Core, Wordpress 2026-06-17 8.1 High
Unauthenticated Local File Inclusion in Mikado Core <= 1.6 versions.
CVE-2026-54194 2 Themefusion, Wordpress 2 Fusion Builder, Wordpress 2026-06-17 9.8 Critical
Contributor PHP Object Injection in Fusion Builder <= 3.15.4 versions.