Search Results (12300 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-32405 2 Wordpress, Xtemos 2 Wordpress, Woodmart 2026-04-22 5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos WoodMart woodmart allows Retrieve Embedded Sensitive Data.This issue affects WoodMart: from n/a through <= 8.3.9.
CVE-2026-32352 2 Elementor, Wordpress 2 Elementor Website Builder, Wordpress 2026-04-22 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor allows DOM-Based XSS.This issue affects Elementor Website Builder: from n/a through <= 3.35.5.
CVE-2026-32362 2 Activity-log.com, Wordpress 2 Wp Sessions Time Monitoring Full Automatic, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.1.3.
CVE-2026-32349 2 Andy Fragen, Wordpress 2 Embed Pdf Viewer, Wordpress 2026-04-22 4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in Andy Fragen Embed PDF Viewer embed-pdf-viewer allows Server Side Request Forgery.This issue affects Embed PDF Viewer: from n/a through <= 2.4.7.
CVE-2026-32376 2 Raratheme, Wordpress 2 Kalon, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Kalon kalon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalon: from n/a through <= 1.2.9.
CVE-2026-32452 2 Themefusion, Wordpress 2 Fusion Builder, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-32443 2 Josh Kohlbach, Wordpress 2 Product Feed Pro For Woocommerce, Wordpress 2026-04-22 6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Josh Kohlbach Product Feed PRO for WooCommerce woo-product-feed-pro allows Cross Site Request Forgery.This issue affects Product Feed PRO for WooCommerce: from n/a through <= 13.5.2.
CVE-2026-32432 2 Codepeople, Wordpress 2 Wp Time Slots Booking Form, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through <= 1.2.42.
CVE-2026-32419 2 Fernandobriano, Wordpress 2 List Category Posts, Wordpress 2026-04-22 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fernando Briano List category posts list-category-posts allows DOM-Based XSS.This issue affects List category posts: from n/a through <= 0.93.1.
CVE-2026-32415 2 Bogdan Bendziukov, Wordpress 2 Squeeze, Wordpress 2026-04-22 5 Medium
Path Traversal: '.../...//' vulnerability in Bogdan Bendziukov Squeeze squeeze allows Path Traversal.This issue affects Squeeze: from n/a through <= 1.7.7.
CVE-2026-32411 2 Simpma, Wordpress 2 Embed Calendly, Wordpress 2026-04-22 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simpma Embed Calendly embed-calendly-scheduling allows Stored XSS.This issue affects Embed Calendly: from n/a through <= 4.4.
CVE-2026-32403 2 Toocheke, Wordpress 2 Toocheke Companion, Wordpress 2026-04-22 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toocheke Toocheke Companion toocheke-companion allows DOM-Based XSS.This issue affects Toocheke Companion: from n/a through <= 1.194.
CVE-2026-32420 2 Ruben Garcia, Wordpress 2 Gamipress, Wordpress 2026-04-22 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garcia GamiPress gamipress allows Cross Site Request Forgery.This issue affects GamiPress: from n/a through <= 7.6.6.
CVE-2026-32382 2 Raratheme, Wordpress 2 Digital Download, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Digital Download digital-download allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Digital Download: from n/a through <= 1.1.4.
CVE-2026-32418 2 Jordy Meow, Wordpress 2 Meow Gallery, Wordpress 2026-04-22 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordy Meow Meow Gallery meow-gallery allows Blind SQL Injection.This issue affects Meow Gallery: from n/a through <= 5.4.4.
CVE-2026-32377 2 Raratheme, Wordpress 2 Pranayama Yoga, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Pranayama Yoga pranayama-yoga allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pranayama Yoga: from n/a through <= 1.2.2.
CVE-2026-32355 2 Crocoblock, Wordpress 2 Jetengine, Wordpress 2026-04-22 8.8 High
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through < 3.8.4.1.
CVE-2026-32416 2 Bplugins, Wordpress 2 Pdf Poster, Wordpress 2026-04-22 5.4 Medium
Missing Authorization vulnerability in bPlugins PDF Poster pdf-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF Poster: from n/a through <= 2.4.0.
CVE-2026-32354 2 Magepeopleteam, Wordpress 2 Wpevently, Wordpress 2026-04-22 5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Retrieve Embedded Sensitive Data.This issue affects WpEvently: from n/a through < 5.1.9.
CVE-2026-32357 2 Katsushi Kawamori, Wordpress 2 Simple Blog Card, Wordpress 2026-04-22 6.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in Katsushi Kawamori Simple Blog Card simple-blog-card allows Server Side Request Forgery.This issue affects Simple Blog Card: from n/a through <= 2.37.