Export limit exceeded: 341833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341833 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47546 | 1 Wpcompress | 1 Wp Compress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Cross Site Request Forgery.This issue affects WP Compress: from n/a through <= 6.30.30. | ||||
| CVE-2025-47545 | 1 Ays-pro | 1 Poll Maker | 2026-04-01 | 8.1 High |
| Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through <= 5.7.7. | ||||
| CVE-2025-47544 | 1 Acowebs | 1 Dynamic Pricing With Discount Rules For Woocommerce | 2026-04-01 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic-pricing allows Blind SQL Injection.This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through <= 4.5.8. | ||||
| CVE-2025-47543 | 1 Themetechmount | 1 Truebooker | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Cross Site Request Forgery.This issue affects TrueBooker: from n/a through <= 1.0.7. | ||||
| CVE-2025-47542 | 1 Migaweb | 1 Simple Calendar For Elementor | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Michael Simple calendar for Elementor simple-calendar-for-elementor allows Cross Site Request Forgery.This issue affects Simple calendar for Elementor: from n/a through <= 1.6.5. | ||||
| CVE-2025-47541 | 2026-04-01 | N/A | ||
| Insertion of Sensitive Information Into Sent Data vulnerability in WPFunnels Mail Mint mail-mint allows Retrieve Embedded Sensitive Data.This issue affects Mail Mint: from n/a through <= 1.17.7. | ||||
| CVE-2025-47540 | 1 Wedevs | 1 Wemail | 2026-04-01 | 7.5 High |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail wemail allows Retrieve Embedded Sensitive Data.This issue affects weMail: from n/a through <= 1.14.13. | ||||
| CVE-2025-47539 | 1 Themewinter | 1 Eventin | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in Arraytics Eventin wp-event-solution allows Privilege Escalation.This issue affects Eventin: from n/a through <= 4.0.26. | ||||
| CVE-2025-47538 | 1 Wpdever | 1 Cart Tracking For Woocommerce | 2026-04-01 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdever Cart tracking for WooCommerce cart-tracking-for-woocommerce allows SQL Injection.This issue affects Cart tracking for WooCommerce: from n/a through <= 1.0.17. | ||||
| CVE-2025-47537 | 2026-04-01 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows SQL Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through <= 5.3.8. | ||||
| CVE-2025-47536 | 2 Keywordrush, Wordpress | 2 Content Egg, Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in keywordrush Content Egg content-egg allows Object Injection.This issue affects Content Egg: from n/a through <= 7.0.0. | ||||
| CVE-2025-47535 | 1 Wpopal | 1 Opal Woo Custom Product Variation | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpopal Opal Woo Custom Product Variation opal-woo-custom-product-variation allows Path Traversal.This issue affects Opal Woo Custom Product Variation: from n/a through <= 1.2.0. | ||||
| CVE-2025-47534 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in ValvePress Wordpress Auto Spinner wp-auto-spinner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wordpress Auto Spinner: from n/a through <= 3.25.0. | ||||
| CVE-2025-47533 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design Graphina graphina-elementor-charts-and-graphs allows PHP Local File Inclusion.This issue affects Graphina: from n/a through <= 3.0.4. | ||||
| CVE-2025-47532 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in CoinPayments CoinPayments.net Payment Gateway for WooCommerce coinpayments-payment-gateway-for-woocommerce allows Object Injection.This issue affects CoinPayments.net Payment Gateway for WooCommerce: from n/a through <= 1.0.17. | ||||
| CVE-2025-47531 | 1 Xylusthemes | 1 Xt Event Widget For Social Events | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Xylus Themes XT Event Widget for Social Events xt-facebook-events allows PHP Local File Inclusion.This issue affects XT Event Widget for Social Events: from n/a through <= 1.1.7. | ||||
| CVE-2025-47530 | 2026-04-01 | N/A | ||
| Deserialization of Untrusted Data vulnerability in WPFunnels WPFunnels wpfunnels allows Object Injection.This issue affects WPFunnels: from n/a through <= 3.5.18. | ||||
| CVE-2025-47529 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in UX Design Experts Experto CTA Widget – Call To Action, Sticky CTA, Floating Button Plugin experto-cta-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Experto CTA Widget – Call To Action, Sticky CTA, Floating Button Plugin: from n/a through <= 1.1.1. | ||||
| CVE-2025-47528 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in pewilliams Ovation Elements ovation-elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ovation Elements: from n/a through <= 1.1.2. | ||||
| CVE-2025-47527 | 2026-04-01 | N/A | ||
| Missing Authorization vulnerability in Icegram Icegram Collect icegram-rainmaker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram Collect: from n/a through <= 1.3.18. | ||||