Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Missing Authorization vulnerability in vowelweb VW Portfolio vw-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Portfolio: from n/a through <= …
Missing Authorization vulnerability in vowelweb VW Photography vw-photography allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Photography: from n/a throu…
Missing Authorization vulnerability in vowelweb VW Pet Shop vw-pet-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Pet Shop: from n/a through <= 1.4…
Missing Authorization vulnerability in vowelweb VW Fitness vw-fitness allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Fitness: from n/a through <= 4.3.4.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in codepeople CP Contact Form with Paypal cp-contact-form-with-paypal allows Blind SQL Injection.Thi…
Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP T…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra Bulk Edit astra-bulk-edit allows DOM-Based XSS.This issue affects Astra Bu…
Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: fro…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IdeaBox Creations PowerPack Addons for Elementor powerpack-lite-for-elementor allows Stored XSS.T…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Stored XSS.This issue …
Missing Authorization vulnerability in vowelweb VW Education Lite vw-education-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Education Lite: from …
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themelexus Medilazar Core medilazar-core allows PHP Local File Inclusion.This …
Missing Authorization vulnerability in linknacional Payment Gateway Pix For GiveWP payment-gateway-pix-for-givewp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue af…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Sprout Clients sprout-clients allows Stored XSS.This issue affects Sprout Clients: from …
Missing Authorization vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin …
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP Eas…
Missing Authorization vulnerability in Agile Logix Post Timeline post-timeline allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Timeline: from n/a throu…
Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garcia GamiPress gamipress allows Cross Site Request Forgery.This issue affects GamiPress: from n/a through <= 7.6.6.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordy Meow Meow Gallery meow-gallery allows Blind SQL Injection.This issue affects Meow Gallery: …
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fernando Briano List category posts list-category-posts allows DOM-Based XSS.This issue affects L…