Search Results (36862 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-60062 1 Wordpress 1 Wordpress 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mmetrodw tPlayer tplayer-html5-audio-player-with-playlist allows SQL Injection.This issue affects tPlayer: from n/a through <= 1.2.1.6.
CVE-2025-59591 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in AdvancedCoding wpDiscuz wpdiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through <= 7.6.33.
CVE-2025-59581 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Missing Authorization vulnerability in VW THEMES Ibtana ibtana-visual-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ibtana: from n/a through <= 1.2.5.3.
CVE-2025-59576 2 Stylemixthemes, Wordpress 2 Masterstudy Lms, Wordpress 2026-04-23 6.5 Medium
Missing Authorization vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MasterStudy LMS: from n/a through <= 3.6.20.
CVE-2025-59573 2 Cozythemes, Wordpress 2 Cozy Blocks, Wordpress 2026-04-23 5.3 Medium
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in CozyThemes Cozy Blocks cozy-addons allows Code Injection.This issue affects Cozy Blocks: from n/a through <= 2.1.29.
CVE-2025-59570 2 Wordpress, Wpfunnels 2 Wordpress, Mail Mint Plugin 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPFunnels Mail Mint mail-mint allows SQL Injection.This issue affects Mail Mint: from n/a through <= 1.18.6.
CVE-2025-59567 2 Relywp, Wordpress 2 Coupon Affiliates, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coupon Affiliates: from n/a through <= 6.8.0.
CVE-2025-59561 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in hashthemes Smart Blocks smart-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Blocks: from n/a through <= 2.4.
CVE-2025-59559 2 Payrexx, Wordpress 2 Payment Gateway For Woocommerce, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in payrexx Payrexx Payment Gateway for WooCommerce woo-payrexx-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payrexx Payment Gateway for WooCommerce: from n/a through <= 3.1.5.
CVE-2025-59557 1 Wordpress 1 Wordpress 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeMove Learts Addons learts-addons allows SQL Injection.This issue affects Learts Addons: from n/a through < 1.7.5.
CVE-2025-59551 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive.so: from n/a through <= 2.0.6.
CVE-2025-59129 1 Wordpress 1 Wordpress 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in appointify Appointify appointify allows Blind SQL Injection.This issue affects Appointify: from n/a through <= 1.0.8.
CVE-2025-59011 1 Wordpress 1 Wordpress 2026-04-23 7.5 High
Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through < 3.2.3.
CVE-2025-59008 1 Wordpress 1 Wordpress 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PressTigers ZIP Code Based Content Protection zip-code-based-content-protection allows SQL Injection.This issue affects ZIP Code Based Content Protection: from n/a through <= 1.0.0.
CVE-2025-59005 2 Frenify, Wordpress 2 Categorify, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in frenify Categorify categorify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Categorify: from n/a through <= 1.0.7.5.
CVE-2025-58993 2 Themeum, Wordpress 2 Tutor Lms, Wordpress 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS tutor allows SQL Injection.This issue affects Tutor LMS: from n/a through <= 3.7.4.
CVE-2025-58981 1 Wordpress 1 Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in Equalize Digital Accessibility Checker by Equalize Digital accessibility-checker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Checker by Equalize Digital: from n/a through <= 1.31.0.
CVE-2025-58980 2 Myrecorp, Wordpress 2 Export Wp Page To Static Html/css, Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in recorp Export WP Page to Static HTML/CSS export-wp-page-to-static-html allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Export WP Page to Static HTML/CSS: from n/a through <= 4.1.0.
CVE-2025-58979 2 Berqier, Wordpress 2 Berqwp, Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in BerqWP BerqWP searchpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BerqWP: from n/a through <= 2.2.53.
CVE-2025-58978 2 Wordpress, Wpswings 2 Wordpress, Pdf Generator For Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in WP Swings PDF Generator for WordPress pdf-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF Generator for WordPress: from n/a through <= 1.5.4.