Search

Expected end of text, found '.' (at char 13), (line:1, col:14)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347095 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-37969 2026-04-28 5.3 Medium
Missing Authorization vulnerability in The African Boss Checkout with Zelle on Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout with Zelle on Woocommerce: from n/a through 3.1.
CVE-2023-37967 1 Designinvento 1 Directorypress 2026-04-28 6.5 Medium
Missing Authorization vulnerability in Designinvento DirectoryPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through 3.6.2.
CVE-2023-37887 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Missing Authorization vulnerability in WPSchoolPress Team WPSchoolPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through 2.2.7.
CVE-2023-37886 2 Inspirythemes, Wordpress 2 Realhomes, Wordpress 2026-04-28 5.4 Medium
Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2.
CVE-2023-37885 2 Inspirythemes, Wordpress 2 Realhomes, Wordpress 2026-04-28 4.3 Medium
Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2.
CVE-2023-36681 1 Coolplugins 1 Cryptocurrency Widgets 2026-04-28 5.3 Medium
Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.2.
CVE-2023-36680 2026-04-28 5.4 Medium
Missing Authorization vulnerability in Iulia Cazan Image Regenerate & Select Crop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Regenerate & Select Crop: from n/a through 7.1.0.
CVE-2023-36677 1 Smartypantsplugins 1 Sp Project \& Document Manager 2026-04-28 8.3 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager allows SQL Injection.This issue affects SP Project & Document Manager: from n/a through 4.67.
CVE-2023-36531 2026-04-28 4.3 Medium
Missing Authorization vulnerability in LiquidPoll LiquidPoll – Advanced Polls for Creators and Brands allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LiquidPoll – Advanced Polls for Creators and Brands: from n/a through 3.3.68.
CVE-2023-36529 1 Favethemes 1 Houzez 2026-04-28 9.9 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Favethemes Houzez - Real Estate WordPress Theme allows SQL Injection.This issue affects Houzez - Real Estate WordPress Theme: from n/a through 1.3.4.
CVE-2023-36528 1 Wordpress 1 Wordpress 2026-04-28 5.3 Medium
Missing Authorization vulnerability in FeedbackWP kk Star Ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through 5.4.3.
CVE-2023-36527 1 Bestwebsoft 1 Post To Csv 2026-04-28 4.7 Medium
Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to CSV by BestWebSoft.This issue affects Post to CSV by BestWebSoft: from n/a through 1.4.0.
CVE-2023-36526 2026-04-28 5.4 Medium
Missing Authorization vulnerability in Inqsys Technology Duplicate Post Page Menu & Custom Post Type allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Duplicate Post Page Menu & Custom Post Type: from n/a through 2.4.1.
CVE-2023-36519 1 Wordpress 1 Wordpress 2026-04-28 5.4 Medium
Missing Authorization vulnerability in wpthemego SW Product Bundles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SW Product Bundles: from n/a through 2.0.15.
CVE-2023-36518 1 Wordpress 1 Wordpress 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Hugh Lashbrooke Post Hit Counter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Hit Counter: from n/a through 1.3.2.
CVE-2023-36510 2026-04-28 7.3 High
Missing Authorization vulnerability in Reservation Diary ReDi Restaurant Reservation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ReDi Restaurant Reservation: from n/a through 23.0211.
CVE-2023-36509 2026-04-28 5.4 Medium
Missing Authorization vulnerability in Suresh Chand CHP Ads Block Detector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CHP Ads Block Detector: from n/a through 3.9.5.
CVE-2023-36508 1 Bestwebsoft 1 Contact Form To Db 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress contact-form-to-db allows SQL Injection.This issue affects Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress: from n/a through 1.7.1.
CVE-2023-36506 2026-04-28 5.3 Medium
Missing Authorization vulnerability in YITH YITH WooCommerce Waiting List allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Waiting List: from n/a through 2.13.0.
CVE-2023-36385 1 Wpxpo 1 Postx 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpxpo PostX – Gutenberg Post Grid Blocks plugin <= 2.9.9 versions.