Search Results (36911 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-39385 2026-04-23 4.3 Medium
Missing Authorization vulnerability in vowelweb Sirat sirat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sirat: from n/a through <= 1.5.1.
CVE-2025-39377 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs Appsero Helper appsero-helper allows SQL Injection.This issue affects Appsero Helper: from n/a through <= 1.3.4.
CVE-2025-39376 2026-04-23 4.3 Medium
Missing Authorization vulnerability in QuanticaLabs Car Park Booking System for WordPress car-park-booking-system-for-wordpress.This issue affects Car Park Booking System for WordPress: from n/a through <= 2.6.
CVE-2025-39370 1 Wordpress 1 Wordpress 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cnilsson iCafe Library icafe-library allows SQL Injection.This issue affects iCafe Library: from n/a through <= 1.8.3.
CVE-2025-39368 1 Wordpress 1 Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in ed4becky Rootspersona rootspersona allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rootspersona: from n/a through <= 3.7.5.
CVE-2025-39367 2026-04-23 5.3 Medium
Missing Authorization vulnerability in SeventhQueen Kleo kleo.This issue affects Kleo: from n/a through < 5.4.4.
CVE-2025-39362 2 Mollie, Wordpress 2 Mollie Payments For Woocommerce, Wordpress 2026-04-23 6.5 Medium
Missing Authorization vulnerability in Mollie Mollie Payments for WooCommerce mollie-payments-for-woocommerce.This issue affects Mollie Payments for WooCommerce: from n/a through <= 8.0.2.
CVE-2025-39357 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla Hospital Management System hospital-management allows SQL Injection.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023).
CVE-2025-39355 1 Roninwp 1 Fat Services Booking 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in roninwp FAT Services Booking fat-services-booking allows SQL Injection.This issue affects FAT Services Booking: from n/a through <= 5.6.
CVE-2025-39353 1 Themegoods 1 Grand Restaurant 2026-04-23 5.3 Medium
Missing Authorization vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant: from n/a through <= 7.0.
CVE-2025-39352 1 Themegoods 1 Grand Restaurant 2026-04-23 8.2 High
Missing Authorization vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant: from n/a through <= 7.0.
CVE-2025-32929 2026-04-23 7.5 High
Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Generator for WooCommerce embedding-barcodes-into-product-pages-and-orders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Barcode Generator for WooCommerce: from n/a through <= 2.0.4.
CVE-2025-32924 1 Roninwp 1 Revy 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in roninwp Revy revy allows SQL Injection.This issue affects Revy: from n/a through <= 2.1.
CVE-2025-32688 2 Sovica, Wordpress 2 Target Video Easy Publish, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in Nebojsa Target Video Easy Publish brid-video-easy-publish.This issue affects Target Video Easy Publish: from n/a through <= 3.8.9.
CVE-2025-32687 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Magnigenie Review Stars Count For WooCommerce review-stars-count-for-woocommerce allows SQL Injection.This issue affects Review Stars Count For WooCommerce: from n/a through <= 2.0.
CVE-2025-32685 1 Wordpress 1 Wordpress 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aristo Rinjuang WP Inquiries wp-inquiries allows SQL Injection.This issue affects WP Inquiries: from n/a through <= 0.2.1.
CVE-2025-32684 2026-04-23 5 Medium
Missing Authorization vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MapSVG: from n/a through <= 8.6.4.
CVE-2025-32681 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Guru Error Log Viewer error-log-viewer-wp allows Blind SQL Injection.This issue affects Error Log Viewer: from n/a through <= 1.0.5.
CVE-2025-32677 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in solwininfotech WP Social Stream Designer social-stream-design allows Blind SQL Injection.This issue affects WP Social Stream Designer: from n/a through <= 1.3.
CVE-2025-32676 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Picture-Planet GmbH Verowa Connect verowa-connect allows Blind SQL Injection.This issue affects Verowa Connect: from n/a through <= 3.0.5.