Search

Expected end of text, found 's' (at char 39), (line:1, col:40)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347095 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-46146 1 Themify 1 Ultra 2026-04-28 8.3 High
Missing Authorization vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5.
CVE-2023-46087 1 Mahlamusa 1 Who Hit The Page Hit Counter 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mahlamusa Who Hit The Page – Hit Counter plugin <= 1.4.14.3 versions.
CVE-2023-46081 1 Lava-code 1 Lava Directory Manager 2026-04-28 7.1 High
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Lavacode Lava Directory Manager plugin <= 1.1.34 versions.
CVE-2023-46085 1 Wpmet 1 Wp Ultimate Review 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Wpmet Wp Ultimate Review plugin <= 2.2.4 versions.
CVE-2023-46077 1 Arrowplugins 1 The Awesome Feed 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions.
CVE-2023-46086 1 Servit 1 Affiliate-toolkit 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SERVIT Software Solutions affiliate-toolkit – WordPress Affiliate Plugin allows Reflected XSS.This issue affects affiliate-toolkit – WordPress Affiliate Plugin: from n/a through 3.4.3.
CVE-2023-46084 1 Bplugins 1 Icons Font Loader 2026-04-28 8.8 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bPlugins LLC Icons Font Loader allows SQL Injection.This issue affects Icons Font Loader: from n/a through 1.1.2.
CVE-2023-46078 1 Pluginever 1 Wc Serial Numbers 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in PluginEver WC Serial Numbers plugin <= 1.6.3 versions.
CVE-2023-46076 1 Rednao 1 Woocommerce Pdf Invoice Builder 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao WooCommerce PDF Invoice Builder, Create invoices, packing slips and more plugin <= 1.2.102 versions.
CVE-2023-46069 1 Osmansorkar 1 Ajax Archive Calendar 2026-04-28 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Osmansorkar Ajax Archive Calendar plugin <= 2.6.7 versions.
CVE-2023-46070 1 Egeorjon 1 Eg-attachments 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Emmanuel GEORJON EG-Attachments plugin <= 2.1.3 versions.
CVE-2023-46075 1 Wpdevart 1 Contact Form Builder 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpdevart Contact Form Builder, Contact Widget plugin <= 2.1.6 versions.
CVE-2023-46072 1 Add Shortcodes Actions And Filters Project 1 Add Shortcodes Actions And Filters 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Simpson Add Shortcodes Actions And Filters plugin <= 2.0.9 versions.
CVE-2023-46066 1 Codedraft 1 Mediabay - Wordpress Media Library Folders 2026-04-28 5.9 Medium
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Codedrafty Mediabay – Media Library Folders plugin <= 1.6 versions.
CVE-2023-46071 1 Clickdatos 1 Proteccion De Datos Rgpd 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickDatos Protección de Datos RGPD plugin <= 3.1.0 versions.
CVE-2023-46067 1 Qwerty23 1 Rocket Font 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Font plugin <= 1.2.3 versions.
CVE-2023-45836 1 Xydac 1 Ultimate Taxonomy Manager 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in XYDAC Ultimate Taxonomy Manager plugin <= 2.0 versions.
CVE-2023-45837 1 Xydac 1 Ultimate Taxonomy Manager 2026-04-28 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in XYDAC Ultimate Taxonomy Manager plugin <= 2.0 versions.
CVE-2023-45767 1 Wokamoto 1 Simple Tweet 2026-04-28 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wokamoto Simple Tweet plugin <= 1.4.0.2 versions.
CVE-2023-45762 1 Michaeluno 1 Responsive Column Widgets 2026-04-28 4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Michael Uno (miunosoft) Responsive Column Widgets.This issue affects Responsive Column Widgets: from n/a through 1.2.7.