Search

Expected end of text, found '.' (at char 18), (line:1, col:19)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347095 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-41857 2026-04-28 5.4 Medium
Missing Authorization vulnerability in ClickToTweet.com Click To Tweet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Click To Tweet: from n/a through 2.0.14.
CVE-2023-41849 2026-04-28 5.3 Medium
Missing Authorization vulnerability in WP Happy Coders Posts Like Dislike allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Posts Like Dislike: from n/a through 1.1.0.
CVE-2023-41848 1 Majeedraza 1 Carousel Slider 2026-04-28 5.3 Medium
Missing Authorization vulnerability in Majeed Raza Carousel Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Carousel Slider: from n/a through 2.2.2.
CVE-2023-41803 2026-04-28 5.3 Medium
Missing Authorization vulnerability in BitPay BitPay Checkout for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BitPay Checkout for WooCommerce: from n/a through 4.1.0.
CVE-2023-41802 1 Heateor 1 Super Socializer 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Team Heateor Super Socializer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Socializer: from n/a through 7.13.54.
CVE-2023-41798 1 Wpwax 1 Directorist 2026-04-28 5.1 Medium
Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist – WordPress Business Directory Plugin with Classified Ads Listing.This issue affects Directorist – WordPress Business Directory Plugin with Classified Ads Listings: from n/a through 7.7.1.
CVE-2023-41730 1 Pressified 1 Sendpress 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.
CVE-2023-41729 1 Pressified 1 Sendpress 2026-04-28 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.
CVE-2023-41690 1 Wordpress 1 Wordpress 2026-04-28 5.3 Medium
Missing Authorization vulnerability in Wiser Notify WiserNotify Social Proof allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserNotify Social Proof: from n/a through 2.5.
CVE-2023-41689 1 Wordpress 1 Wordpress 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Koen Reus Post to Google My Business (Google Business Profile) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post to Google My Business (Google Business Profile): from n/a through 3.1.14.
CVE-2023-41688 2026-04-28 5.4 Medium
Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 1.5.
CVE-2023-41686 2 Ilghera, Wordpress 2 Woocommerce Support System, Wordpress 2026-04-28 6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in ilGhera Woocommerce Support System allows Cross Site Request Forgery.This issue affects Woocommerce Support System: from n/a through 1.2.2.
CVE-2023-41685 1 Ilghera 1 Woocommerce Support System 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ilGhera Woocommerce Support System allows SQL Injection.This issue affects Woocommerce Support System: from n/a through 1.2.1.
CVE-2023-41683 1 Wordpress 1 Wordpress 2026-04-28 5.4 Medium
Missing Authorization vulnerability in Pechenki TelSender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TelSender: from n/a through 1.14.11.
CVE-2023-41664 2026-04-28 6.5 Medium
Missing Authorization vulnerability in AlphaBPO Easy Newsletter Signups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Newsletter Signups: from n/a through 1.0.4.
CVE-2023-41649 2026-04-28 6.5 Medium
Missing Authorization vulnerability in Ovic Team Ovic Product Bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ovic Product Bundle: from n/a through 1.1.2.
CVE-2023-41133 1 Wordpress 1 Wordpress 2026-04-28 5.3 Medium
Authentication Bypass by Spoofing vulnerability in Michal Novák Secure Admin IP allows Functionality Bypass.This issue affects Secure Admin IP: from n/a through 2.0.
CVE-2023-41132 2026-04-28 4.3 Medium
Missing Authorization vulnerability in ShapedPlugin LLC Category Slider for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Category Slider for WooCommerce: from n/a through 1.4.15.
CVE-2023-40670 1 Wpdeveloper 1 Reviewx 2026-04-28 4.3 Medium
Missing Authorization vulnerability in ReviewX Team ReviewX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ReviewX: from n/a through 1.6.17.
CVE-2023-40609 1 Rocklobster 1 Contact Form 7 Custom Validation 2026-04-28 8.2 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aiyaz, maheshpatel Contact form 7 Custom validation allows SQL Injection.This issue affects Contact form 7 Custom validation: from n/a through 1.1.3.