Search Results (36960 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-22716 1 Taskbuilder 1 Taskbuilder 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in taskbuilder Taskbuilder taskbuilder allows SQL Injection.This issue affects Taskbuilder: from n/a through <= 3.0.6.
CVE-2025-22710 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in storeapps Smart Manager smart-manager-for-wp-e-commerce allows Blind SQL Injection.This issue affects Smart Manager: from n/a through <= 8.52.0.
CVE-2025-22702 2026-04-23 6.3 Medium
Missing Authorization vulnerability in ThemeGoods Photography photography allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photography: from n/a through <= 7.7.2.
CVE-2025-22700 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler Code traveler-code.This issue affects Traveler Code: from n/a through < 3.1.3.
CVE-2025-22699 1 Wordpress 1 Wordpress 2026-04-23 9 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler Code traveler-code.This issue affects Traveler Code: from n/a through < 3.1.2.
CVE-2025-22696 2026-04-23 5.4 Medium
Missing Authorization vulnerability in WPDeveloper Document Block – Upload & Embed Docs document.This issue affects Document Block – Upload & Embed Docs: from n/a through <= 1.1.0.
CVE-2025-22694 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Dotstore Hide Shipping Method For WooCommerce hide-shipping-method-for-woocommerce.This issue affects Hide Shipping Method For WooCommerce: from n/a through <= 1.5.1.
CVE-2025-22693 1 Contest-gallery 1 Contest Gallery 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows SQL Injection.This issue affects Contest Gallery: from n/a through <= 25.1.0.
CVE-2025-22691 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel WP Travel wp-travel allows SQL Injection.This issue affects WP Travel: from n/a through <= 10.1.3.
CVE-2025-22686 2026-04-23 5.3 Medium
Missing Authorization vulnerability in WesternDeal CF7 Google Sheets Connector cf7-google-sheets-connector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Google Sheets Connector: from n/a through <= 5.0.17.
CVE-2025-22681 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Xfinitysoft Content Cloner super-seo-content-cloner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Content Cloner: from n/a through <= 1.0.1.
CVE-2025-22677 2026-04-23 4.8 Medium
Missing Authorization vulnerability in UIUX Lab Uix Shortcodes uix-shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uix Shortcodes: from n/a through <= 2.0.3.
CVE-2025-22673 2 Wordpress, Wpfactory 2 Wordpress, Ean For Woocommerce 2026-04-23 4.3 Medium
Missing Authorization vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through <= 5.3.5.
CVE-2025-22671 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Leap13 Disable Elementor Editor Translation disable-elementor-editor-translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Disable Elementor Editor Translation: from n/a through <= 1.0.2.
CVE-2025-22670 2026-04-23 6.5 Medium
Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through <= 1.7.2.
CVE-2025-22668 2026-04-23 6.5 Medium
Missing Authorization vulnerability in AwesomeTOGI Awesome Event Booking awesome-event-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Event Booking: from n/a through <= 2.7.2.
CVE-2025-22667 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Creative Werk Designs Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets wpsyncsheets-woocommerce.This issue affects Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets: from n/a through <= 1.8.2.
CVE-2025-22665 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Shakeeb Sadikeen RapidLoad unusedcss allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RapidLoad: from n/a through <= 2.4.4.
CVE-2025-22657 2026-04-23 7.5 High
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through <= 4.0.9.
CVE-2025-22655 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Caio Web Dev CWD – Stealth Links cwd-stealth-links allows SQL Injection.This issue affects CWD – Stealth Links: from n/a through <= 1.3.