Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347351 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-32586 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Thomas Michalak Soundcloud Is Gold allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Soundcloud Is Gold: from n/a through 2.5.1.
CVE-2023-32585 2026-04-28 7.5 High
Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6.
CVE-2023-32581 1 Wordpress 1 Wordpress 2026-04-28 5.4 Medium
Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Messenger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Chatbot for Messenger: from n/a through 4.7.
CVE-2023-32579 1 Designsandcode 1 Forget About Shortcode Buttons 2026-04-28 5.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Designs & Code Forget About Shortcode Buttons plugin <= 2.1.2 versions.
CVE-2023-32574 1 Wordpress 1 Wordpress 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Fahad Mahmood Injection Guard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Injection Guard: from n/a through 1.2.1.
CVE-2023-32520 2 Webcodin, Wordpress 2 Wcp Contact Form, Wordpress 2026-04-28 7.5 High
Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0.
CVE-2023-32519 1 Webcodin 1 Wcp Contact Form 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0.
CVE-2023-32512 1 Shortpixel 1 Shortpixel Adaptive Images 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions.
CVE-2023-32508 2 Cagewebdev, Rolfvangelder 2 Order Your Posts Manually, Order Your Posts Monthly 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolf van Gelder Order Your Posts Manually allows SQL Injection.This issue affects Order Your Posts Manually: from n/a through 2.2.5.
CVE-2023-32507 2 Wordpress, Wp3sixty 2 Wordpress, Woo Custom Emails 2026-04-28 7.3 High
Missing Authorization vulnerability in wp3sixty Woo Custom Emails allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woo Custom Emails: from n/a through 2.2.
CVE-2023-32506 2026-04-28 6.5 Medium
Missing Authorization vulnerability in Link Whisper Link Whisper Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Link Whisper Free: from n/a through 0.6.3.
CVE-2023-32502 1 Cyberwire 1 Pro Mime Types 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Sybre Waaijer Pro Mime Types – Manage file media types plugin <= 1.0.7 versions.
CVE-2023-32501 1 Vikwp 1 Vikbooking Hotel Booking Engine \& Pms 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.6.1 versions.
CVE-2023-32500 1 Xtemos 1 Woodmart 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme <= 7.1.1 versions.
CVE-2023-32298 1 Helgatheviking 1 Simple User Listing 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kathy Darling Simple User Listing plugin <= 1.9.2 versions.
CVE-2023-32293 1 Realwebcare 1 Wrc Pricing Tables 2026-04-28 5.3 Medium
Missing Authorization vulnerability in Realwebcare WRC Pricing Tables allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WRC Pricing Tables: from n/a through 2.3.7.
CVE-2023-32240 2 Wordpress, Xtemos 2 Wordpress, Woodmart 2026-04-28 5.4 Medium
Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WoodMart: from n/a through 7.2.1.
CVE-2023-32128 1 Adastracrypto 1 Cryptocurrency Payment \& Donation Box 2026-04-28 5.5 Medium
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free: from n/a through 2.2.7.
CVE-2023-32126 2026-04-28 4.3 Medium
Missing Authorization vulnerability in WPoperation SALERT allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALERT: from n/a through 1.2.1.
CVE-2023-32125 1 Danielpowney 1 Multi Rating 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.6 versions.