Search Results (12213 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-32416 2 Bplugins, Wordpress 2 Pdf Poster, Wordpress 2026-04-22 5.4 Medium
Missing Authorization vulnerability in bPlugins PDF Poster pdf-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF Poster: from n/a through <= 2.4.0.
CVE-2026-32387 2 Noorsplugin, Wordpress 2 Checkout For Paypal, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in Noor Alam Checkout for PayPal checkout-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout for PayPal: from n/a through <= 1.0.46.
CVE-2026-32392 2 Creatives Planet, Wordpress 2 Greenly, Wordpress 2026-04-22 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Greenly greenly allows PHP Local File Inclusion.This issue affects Greenly: from n/a through <= 8.1.
CVE-2026-32339 2 Raratheme, Wordpress 2 Bakes And Cakes, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Bakes And Cakes bakes-and-cakes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bakes And Cakes: from n/a through <= 1.2.9.
CVE-2026-32371 2 Rarathemes, Wordpress 2 Elegant Pink, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Elegant Pink elegant-pink allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elegant Pink: from n/a through <= 1.3.3.
CVE-2026-32373 2 Cozyvision, Wordpress 2 Sms Alert Order Notifications, Wordpress 2026-04-22 5.4 Medium
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through <= 3.9.0.
CVE-2026-32380 2 Raratheme, Wordpress 2 Numinous, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Numinous numinous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Numinous: from n/a through <= 1.3.0.
CVE-2026-32384 2 Magepeopleteam, Wordpress 2 Wpbookingly, Wordpress 2026-04-22 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam WpBookingly service-booking-manager allows PHP Local File Inclusion.This issue affects WpBookingly: from n/a through <= 1.2.9.
CVE-2026-32350 2 Wordpress, Wpradiant 2 Wordpress, Chocolate House 2026-04-22 5.3 Medium
Missing Authorization vulnerability in wpradiant Chocolate House chocolate-house allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chocolate House: from n/a through <= 1.1.5.
CVE-2026-32369 2 Radiustheme, Wordpress 2 Medilink-core, Wordpress 2026-04-22 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion.This issue affects Medilink-Core: from n/a through < 2.0.7.
CVE-2026-32363 2 Funlus Oy, Wordpress 2 Wplifecycle, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in Funlus Oy WPLifeCycle free-php-version-info allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLifeCycle: from n/a through <= 3.3.1.
CVE-2026-32362 2 Activity-log.com, Wordpress 2 Wp Sessions Time Monitoring Full Automatic, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.1.3.
CVE-2026-32361 2 Marketing Fire, Wordpress 2 Editorial Calendar, Wordpress 2026-04-22 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marketing Fire Editorial Calendar editorial-calendar allows DOM-Based XSS.This issue affects Editorial Calendar: from n/a through <= 3.9.0.
CVE-2026-32353 2 Mailerpress Team, Wordpress 2 Mailerpress, Wordpress 2026-04-22 6.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in MailerPress Team MailerPress mailerpress allows Server Side Request Forgery.This issue affects MailerPress: from n/a through <= 1.4.2.
CVE-2026-32351 2 Blubrry, Wordpress 2 Powerpress Podcasting, Wordpress 2026-04-22 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in blubrry PowerPress Podcasting powerpress allows Stored XSS.This issue affects PowerPress Podcasting: from n/a through <= 11.15.13.
CVE-2026-32349 2 Andy Fragen, Wordpress 2 Embed Pdf Viewer, Wordpress 2026-04-22 4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in Andy Fragen Embed PDF Viewer embed-pdf-viewer allows Server Side Request Forgery.This issue affects Embed PDF Viewer: from n/a through <= 2.4.7.
CVE-2026-32342 2 Ays-pro, Wordpress 2 Quiz Maker, Wordpress 2026-04-22 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.1.2.
CVE-2026-32341 2 Rarathemes, Wordpress 2 Benevolent, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Benevolent benevolent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Benevolent: from n/a through <= 1.3.9.
CVE-2026-32334 2 Rarathemes, Wordpress 2 Jobscout, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme JobScout jobscout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobScout: from n/a through <= 1.1.7.
CVE-2026-32370 2 Raratheme, Wordpress 2 Influencer, Wordpress 2026-04-22 5.3 Medium
Missing Authorization vulnerability in raratheme Influencer influencer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Influencer: from n/a through <= 1.1.7.