Search Results (36863 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-60148 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in wpshuffle Subscribe to Download subscribe-to-download allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscribe to Download: from n/a through <= 2.0.9.
CVE-2025-60129 1 Wordpress 1 Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in Yext Yext yext allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Yext: from n/a through <= 1.1.3.
CVE-2025-60128 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in WP Delicious Delisho dr-widgets-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Delisho: from n/a through <= 1.1.3.
CVE-2025-60127 2 Artistscope, Wordpress 2 Copysafe Web Protection, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in ArtistScope CopySafe Web Protection wp-copysafe-web allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CopySafe Web Protection: from n/a through <= 5.1.
CVE-2025-60123 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in HivePress HivePress Claim Listings hivepress-claim-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HivePress Claim Listings: from n/a through <= 1.1.3.
CVE-2025-60122 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in HivePress HivePress Claim Listings hivepress-claim-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HivePress Claim Listings: from n/a through <= 1.1.4.
CVE-2025-60121 2 Exthemes, Wordpress 2 Wooevents, Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in Ex-Themes WooEvents woo-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooEvents: from n/a through <= 4.1.7.
CVE-2025-60120 2 Wordpress, Wpdirectorykit 2 Wordpress, Wp Directory Kit 2026-04-23 5.3 Medium
Missing Authorization vulnerability in WPDirectoryKit WP Directory Kit wpdirectorykit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Directory Kit: from n/a through <= 1.4.0.
CVE-2025-60118 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Potenzaglobalsolutions PGS Core pgs-core allows SQL Injection.This issue affects PGS Core: from n/a through <= 5.9.0.
CVE-2025-60116 2 Themegoods, Wordpress 2 Grand Conference, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in ThemeGoods Grand Conference Theme Custom Post Type grandconference-custom-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Conference Theme Custom Post Type: from n/a through < 2.6.4.
CVE-2025-60110 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows SQL Injection.This issue affects AllInOne - Banner Rotator: from n/a through <= 3.8.
CVE-2025-60109 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LambertGroup - AllInOne - Content Slider all-in-one-contentSlider allows Blind SQL Injection.This issue affects LambertGroup - AllInOne - Content Slider: from n/a through <= 3.8.
CVE-2025-60108 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Thumbnails all-in-one-thumbnailsBanner allows Blind SQL Injection.This issue affects LambertGroup - AllInOne - Banner with Thumbnails: from n/a through <= 3.8.
CVE-2025-60107 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Playlist all-in-one-bannerWithPlaylist allows Blind SQL Injection.This issue affects LambertGroup - AllInOne - Banner with Playlist: from n/a through <= 3.8.
CVE-2025-60106 1 Wordpress 1 Wordpress 2026-04-23 4.9 Medium
Missing Authorization vulnerability in Roxnor EmailKit emailkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EmailKit: from n/a through <= 1.6.0.
CVE-2025-60103 2 Cridio, Wordpress 2 Listingpro, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in CridioStudio ListingPro listingpro-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through <= 2.9.8.
CVE-2025-60100 2 8theme, Wordpress 2 Xstore, Wordpress 2026-04-23 5.3 Medium
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in 8theme XStore xstore allows Code Injection.This issue affects XStore: from n/a through < 9.6.
CVE-2025-60098 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Missing Authorization vulnerability in Jeff Farthing Theme My Login theme-my-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theme My Login: from n/a through <= 7.1.12.
CVE-2025-60097 2 Codexthemes, Wordpress 2 Thegem, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in CodexThemes TheGem thegem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TheGem: from n/a through <= 5.10.5.
CVE-2025-60096 3 Codexthemes, Elementor, Wordpress 3 Thegem, Elementor, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in CodexThemes TheGem (Elementor) thegem-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TheGem (Elementor): from n/a through <= 5.10.5.