Search

Expected end of text, found '\u200b' (at char 17), (line:1, col:18)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347095 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-49820 1 Wpsc-plugin 1 Structured Content 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3.
CVE-2023-49821 1 Livechat 1 Livechat 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in LiveChat LiveChat – WP live chat plugin for WordPress.This issue affects LiveChat – WP live chat plugin for WordPress: from n/a through 4.5.15.
CVE-2023-49815 1 Wordpress 1 Wordpress 2026-04-28 10 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in WappPress Team WappPress.This issue affects WappPress: from n/a through 5.0.3.
CVE-2023-49816 1 Whereyoursolutionis 1 Fix My Feed Rss Repair 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Innovative Solutions Fix My Feed RSS Repair.This issue affects Fix My Feed RSS Repair: from n/a through 1.4.
CVE-2023-49813 1 Wppa 1 Wp Photo Album Plus 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005.
CVE-2023-49819 1 Wpsc-plugin 1 Structured Content 2026-04-28 7.5 High
Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3.
CVE-2023-49777 1 Yithemes 1 Yith Woocommerce Product Add-ons 2026-04-28 9.1 Critical
Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.3.0.
CVE-2023-49812 1 Wppa 1 Wp Photo Album Plus 2026-04-28 5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005.
CVE-2023-49814 1 Symbiostock 1 Symbiostock 2026-04-28 9.1 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Symbiostock symbiostock.This issue affects Symbiostock: from n/a through 6.0.0.
CVE-2023-49771 1 Petersplugins 1 Link Log 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Reflected XSS.This issue affects Smart External Link Click Monitor [Link Log]: from n/a through 5.0.2.
CVE-2023-49772 1 Phpbits 1 Genesis Simple Love 2026-04-28 10 Critical
Deserialization of Untrusted Data vulnerability in Phpbits Creative Studio Genesis Simple Love.This issue affects Genesis Simple Love: from n/a through 2.0.
CVE-2023-49778 1 Dmry 1 Sayfa Sayac 2026-04-28 10 Critical
Deserialization of Untrusted Data vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6.
CVE-2023-49775 1 Deniskobozev 1 Csv Importer 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Denis Kobozev CSV Importer.This issue affects CSV Importer: from n/a through 0.3.8.
CVE-2023-49773 1 Bcorp Shortcodes Project 1 Bcorp Shortcodes 2026-04-28 10 Critical
Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23.
CVE-2023-49776 1 Dmry 1 Sayfa Sayac 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6.
CVE-2023-49768 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Stored XSS.This issue affects WP-FormAssembly: from n/a through 2.0.10.
CVE-2023-49770 1 Petersplugins 1 Smart External Link Click Monitor \[link Log\] 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Stored XSS.This issue affects Smart External Link Click Monitor [Link Log]: from n/a through 5.0.2.
CVE-2023-49750 1 Spoonthemes 1 Couponis 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spoonthemes Couponis - Affiliate & Submitting Coupons WordPress Theme.This issue affects Couponis - Affiliate & Submitting Coupons WordPress Theme: from n/a before 2.2.
CVE-2023-49761 1 Gravitymaster 1 Product Enquiry For Woocommerce 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Gravity Master Product Enquiry for WooCommerce.This issue affects Product Enquiry for WooCommerce: from n/a through 3.0.
CVE-2023-49769 1 Softlabbd 1 Integrate Google Drive 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4.