Search Results (36977 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-56295 1 Ays-pro 1 Poll Maker 2026-04-23 6.5 Medium
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 5.5.6.
CVE-2024-56294 2 Posimyth, Wordpress 2 Nexter Blocks, Wordpress 2026-04-23 6.4 Medium
Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through <= 4.0.7.
CVE-2024-56290 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce different-shipping-and-billing-address-for-woocommerce allows SQL Injection.This issue affects Multiple Shipping And Billing Address For Woocommerce: from n/a through <= 1.2.
CVE-2024-56284 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in sslplugins SSL Wireless SMS Notification ssl-wireless-sms-notification allows SQL Injection.This issue affects SSL Wireless SMS Notification: from n/a through <= 3.5.0.
CVE-2024-56276 1 Wpforms 1 Wpforms 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through <= 1.9.2.2.
CVE-2024-56273 1 Wpvivid 1 Migration\, Backup\, Staging 2026-04-23 4.3 Medium
Missing Authorization vulnerability in wpvividplugins WPvivid Backup and Migration wpvivid-backuprestore allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPvivid Backup and Migration: from n/a through <= 0.9.106.
CVE-2024-56272 2026-04-23 4.3 Medium
Missing Authorization vulnerability in ThemeSupport Hide Category by User Role for WooCommerce hide-category-by-user-role-for-woocommerce.This issue affects Hide Category by User Role for WooCommerce: from n/a through <= 2.1.1.
CVE-2024-56271 2026-04-23 4.3 Medium
Missing Authorization vulnerability in SecureSubmit WP SecureSubmit securesubmit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SecureSubmit: from n/a through <= 1.5.20.
CVE-2024-56270 1 Wordpress 1 Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in SecureSubmit WP SecureSubmit securesubmit allows Retrieve Embedded Sensitive Data.This issue affects WP SecureSubmit: from n/a through <= 1.5.20.
CVE-2024-56266 1 Sonaar 1 Mp3 Audio Player For Music\, Radio \& Podcast 2026-04-23 6.3 Medium
Missing Authorization vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through <= 5.8.
CVE-2024-56255 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Stiofan AyeCode Connect ayecode-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AyeCode Connect: from n/a through <= 1.3.8.
CVE-2024-56253 2026-04-23 5.4 Medium
Missing Authorization vulnerability in supsystic Data Tables Generator by Supsystic data-tables-generator-by-supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Data Tables Generator by Supsystic: from n/a through <= 1.10.36.
CVE-2024-56250 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Greg Ross Just Writing Statistics just-writing-statistics allows SQL Injection.This issue affects Just Writing Statistics: from n/a through <= 4.7.
CVE-2024-56247 1 Afthemes 1 Wp Post Author 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AF themes WP Post Author wp-post-author allows SQL Injection.This issue affects WP Post Author: from n/a through <= 3.8.2.
CVE-2024-56244 1 Wordpress 1 Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in WP Royal Ashe Extra ashe-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through <= 1.2.92.
CVE-2024-56243 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in JS Morisset WPSSO Core wpsso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSSO Core: from n/a through <= 18.18.1.
CVE-2024-56238 2026-04-23 5.3 Medium
Missing Authorization vulnerability in QuantumCloud Floating Action Buttons floating-action-buttons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Floating Action Buttons: from n/a through <= 0.9.1.
CVE-2024-56234 1 Wordpress 1 Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in vowelweb VW Automobile Lite vw-automobile-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Automobile Lite: from n/a through <= 2.1.
CVE-2024-56227 1 Royal-elementor-addons 1 Royal Elementor Addons 2026-04-23 4.3 Medium
Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1001.
CVE-2024-56225 1 Leap13 1 Premium Addons For Elementor 2026-04-23 5.4 Medium
Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Premium Addons for Elementor: from n/a through <= 4.10.56.