Search Results (36952 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-30936 1 Wordpress 1 Wordpress 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Torod Company for Information Technology Torod torod allows SQL Injection.This issue affects Torod: from n/a through <= 2.1.
CVE-2025-30934 1 Wordpress 1 Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in OLIVESYSTEM 診断ジェネレータ作成プラグイン os-diagnosis-generator allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 診断ジェネレータ作成プラグイン: from n/a through <= 1.4.16.
CVE-2025-30932 2026-04-23 5.4 Medium
Missing Authorization vulnerability in WP Compress WP Compress for MainWP wp-compress-mainwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress for MainWP: from n/a through <= 6.30.32.
CVE-2025-30929 1 Wordpress 1 Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in amazewp fluXtore fluxtore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fluXtore: from n/a through <= 1.6.0.
CVE-2025-30927 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Wordapp Team Wordapp wordapp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wordapp: from n/a through <= 1.7.0.
CVE-2025-30926 2026-04-23 4.3 Medium
Missing Authorization vulnerability in KingAddons.com King Addons for Elementor king-addons.This issue affects King Addons for Elementor: from n/a through <= 24.12.58.
CVE-2025-30921 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Software Newsletters newsletters-lite allows SQL Injection.This issue affects Newsletters: from n/a through <= 4.9.9.7.
CVE-2025-30916 2026-04-23 6.5 Medium
Missing Authorization vulnerability in enituretechnology Residential Address Detection residential-address-detection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Residential Address Detection: from n/a through <= 2.5.4.
CVE-2025-30915 2026-04-23 6.5 Medium
Missing Authorization vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition small-package-quotes-wwe-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Small Package Quotes – Worldwide Express Edition: from n/a through <= 5.2.19.
CVE-2025-30909 2 Conversios, Wordpress 2 Conversios.io, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conversios.io: from n/a through <= 7.2.3.
CVE-2025-30897 1 Analytify 1 Analytify - Google Analytics Dashboard 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Adnan Analytify wp-analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through <= 5.5.1.
CVE-2025-30896 2026-04-23 5.4 Medium
Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through <= 1.13.4.
CVE-2025-30894 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Fast Total Search: from n/a through <= 1.79.262.
CVE-2025-30887 1 Wordpress 1 Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 4.2.9.
CVE-2025-30886 1 Joomsky 1 Js Help Desk 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows SQL Injection.This issue affects JS Help Desk: from n/a through <= 2.9.2.
CVE-2025-30883 2026-04-23 4.3 Medium
Missing Authorization vulnerability in richplugins Trust.Reviews fb-reviews-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trust.Reviews: from n/a through <= 2.3.
CVE-2025-30881 2 Themehunk, Wordpress 2 Big Store, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in themehunk Big Store big-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Big Store: from n/a through <= 2.0.8.
CVE-2025-30880 2 Joomsky, Wordpress 2 Js Help Desk, Wordpress 2026-04-23 7.5 High
Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 2.9.2.
CVE-2025-30879 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert allows SQL Injection.This issue affects MC Woocommerce Wishlist: from n/a through <= 1.8.9.
CVE-2025-30877 2026-04-23 2.7 Low
Missing Authorization vulnerability in fatcatapps Quiz Cat quiz-cat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz Cat: from n/a through <= 3.0.8.