Search Results (36916 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-32307 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Chameleon HTML5 Audio Player With/Without Playlist lbg-audio1-html5 allows SQL Injection.This issue affects Chameleon HTML5 Audio Player With/Without Playlist: from n/a through <= 3.5.6.
CVE-2025-32306 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Radio Player Shoutcast & Icecast WordPress Plugin audio4-html5 allows Blind SQL Injection.This issue affects Radio Player Shoutcast & Icecast WordPress Plugin: from n/a through <= 4.4.6.
CVE-2025-32301 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup CountDown Pro WP Plugin circular_countdown allows SQL Injection.This issue affects CountDown Pro WP Plugin: from n/a through <= 2.7.
CVE-2025-32297 2 Quantumcloud, Wordpress 2 Simple Link Directory, Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in quantumcloud Simple Link Directory qc-simple-link-directory allows SQL Injection.This issue affects Simple Link Directory: from n/a through < 14.8.1.
CVE-2025-32296 2026-04-23 5.3 Medium
Missing Authorization vulnerability in quantumcloud Simple Link Directory qc-simple-link-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Link Directory: from n/a through < 14.8.1.
CVE-2025-32295 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in wordpresschef Salon Booking Pro salon-booking-plugin-pro-cc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon Booking Pro: from n/a through <= 10.10.2.
CVE-2025-32290 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Sticky HTML5 Music Player lbg-audio3-html5 allows SQL Injection.This issue affects Sticky HTML5 Music Player: from n/a through <= 3.1.6.
CVE-2025-32287 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist lbg-audio2-html5 allows SQL Injection.This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through <= 3.5.7.
CVE-2025-32279 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Shahjada Live Forms liveforms.This issue affects Live Forms: from n/a through <= 4.8.5.
CVE-2025-32277 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RepairBuddy: from n/a through <= 3.8213.
CVE-2025-32260 2026-04-23 5.3 Medium
Missing Authorization vulnerability in Detheme DethemeKit For Elementor dethemekit-for-elementor.This issue affects DethemeKit For Elementor: from n/a through <= 2.1.10.
CVE-2025-32259 1 Wordpress 1 Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in Alimir WP ULike wp-ulike.This issue affects WP ULike: from n/a through <= 4.7.9.1.
CVE-2025-32258 1 Wordpress 1 Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in InfoGiants Simple Website Logo simple-website-logo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Website Logo: from n/a through <= 1.1.
CVE-2025-32256 2026-04-23 5.3 Medium
Missing Authorization vulnerability in devsoftbaltic SurveyJS surveyjs allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SurveyJS: from n/a through <= 1.12.20.
CVE-2025-32254 1 Iqonic 1 Wpbookit 2026-04-23 5.3 Medium
Missing Authorization vulnerability in Iqonic Design WPBookit wpbookit allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPBookit: from n/a through <= 1.0.7.
CVE-2025-32253 2026-04-23 5.3 Medium
Missing Authorization vulnerability in ComMotion Course Booking System course-booking-system allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Course Booking System: from n/a through <= 6.1.
CVE-2025-32252 2026-04-23 5.3 Medium
Missing Authorization vulnerability in Black and White WP Genealogy – Your Family History Website wpgenealogy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Genealogy – Your Family History Website: from n/a through <= 0.1.9.
CVE-2025-32244 2026-04-23 6.5 Medium
Missing Authorization vulnerability in QuantumCloud SEO Help seo-help allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEO Help: from n/a through <= 6.7.9.
CVE-2025-32243 2026-04-23 6.5 Medium
Missing Authorization vulnerability in Toast Plugins Internal Link Optimiser internal-link-finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Internal Link Optimiser: from n/a through <= 5.1.2.
CVE-2025-32242 2026-04-23 6.5 Medium
Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hive Support: from n/a through <= 1.2.5.