Search

Expected end of text, found '.' (at char 50), (line:1, col:51)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347095 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-35910 1 Quasar-form 1 Quasar Form 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nucleus_genius Quasar form free – Contact Form Builder for WordPress allows SQL Injection.This issue affects Quasar form free – Contact Form Builder for WordPress: from n/a through 6.0.
CVE-2023-35879 1 Woo 1 Product Vendors 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.78.
CVE-2023-35875 2 Jegstudio, Wordpress 2 Gutenverse, Wordpress 2026-04-28 5.3 Medium
Missing Authorization vulnerability in Jegstudio Gutenverse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse: from n/a through 1.8.5.
CVE-2023-35777 2026-04-28 5.3 Medium
Missing Authorization vulnerability in The Events Calendar The Events Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Events Calendar: from n/a through 6.1.2.2.
CVE-2023-35091 1 Storeapps 1 Stock Manager For Woocommerce 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in StoreApps Stock Manager for WooCommerce plugin <= 2.10.0 versions.
CVE-2023-35052 2026-04-28 4.3 Medium
Missing Authorization vulnerability in wpWax - WP Business Directory Plugin and Classified Listings Directory Directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through 7.5.4.
CVE-2023-35051 1 Cimatti 1 Wordpress Contact Forms 2026-04-28 5.4 Medium
Missing Authorization vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Forms by Cimatti: from n/a through 1.5.7.
CVE-2023-35046 2026-04-28 5.4 Medium
Missing Authorization vulnerability in Dynamic.ooo Dynamic Visibility for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamic Visibility for Elementor: from n/a through 5.0.5.
CVE-2023-35040 1 Pressified 1 Sendpress 2026-04-28 5.3 Medium
Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6.
CVE-2023-34387 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Constant Contact Constant Contact Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constant Contact Forms: from n/a through 2.0.3.
CVE-2023-34386 1 Wpclever 1 Wpc Smart Wishlist For Woocommerce 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Smart Wishlist for WooCommerce plugin <= 4.7.1 versions.
CVE-2023-34383 1 Wedevs 1 Wp Project Manager 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP Project Manager wedevs-project-manager allows SQL Injection.This issue affects WP Project Manager: from n/a through 2.6.0.
CVE-2023-34381 2026-04-28 5.3 Medium
Missing Authorization vulnerability in Gesundheit Bewegt GmbH Zippy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zippy: from n/a through 1.6.2.
CVE-2023-34376 2026-04-28 5.4 Medium
Missing Authorization vulnerability in Rextheme Change WooCommerce Add To Cart Button Text allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Change WooCommerce Add To Cart Button Text: from n/a through 1.3.
CVE-2023-34371 1 Spamreferrerblock Project 1 Spamreferrerblock 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <= 2.22 versions.
CVE-2023-34182 1 Shawfactor 1 Lh-password-changer 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Peter Shaw LH Password Changer plugin <= 1.55 versions.
CVE-2023-34181 1 Wp-cirrus Project 1 Wp-cirrus 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WP-Cirrus plugin <= 0.6.11 versions.
CVE-2023-34179 1 Groundhogg 1 Groundhogg 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Groundhogg Inc. Groundhogg allows SQL Injection.This issue affects Groundhogg: from n/a through 2.7.11.
CVE-2023-34178 1 Groundhogg 1 Groundhogg 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11 versions.
CVE-2023-34177 1 Kenthhagstrom 1 Wp-cachecom 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Kenth Hagström WP-Cache.Com plugin <= 1.1.1 versions.