NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Results Type: Overview
Keyword (text search): Wordpress
Search Type: Search All

There are 9,203 matching records.

Displaying matches 1,781 through 1,800.

Vuln ID	Summary	CVSS Severity
CVE-2023-52182	Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0. Published: December 31, 2023; 5:15:08 AM -0500	V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available)
CVE-2023-51688	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress.This issue affects eCommerce Product Catalog Plugin for WordPress: from n/a through 3.3.26. Published: December 29, 2023; 10:15:10 AM -0500	V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available)
CVE-2023-51419	Unrestricted Upload of File with Dangerous Type vulnerability in Bertha.Ai BERTHA AI. Your AI co-pilot for WordPress and Chrome.This issue affects BERTHA AI. Your AI co-pilot for WordPress and Chrome: from n/a through 1.11.10.7. Published: December 29, 2023; 9:15:47 AM -0500	V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available)
CVE-2023-50893	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UpSolution Impreza – WordPress Website and WooCommerce Builder allows Reflected XSS.This issue affects Impreza – WordPress Website and WooCommerce Builder: from n/a through 8.17.4. Published: December 29, 2023; 7:15:45 AM -0500	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available)
CVE-2023-50892	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem - Creative Multi-Purpose & WooCommerce WordPress Theme allows Reflected XSS.This issue affects TheGem - Creative Multi-Purpose & WooCommerce WordPress Theme: from n/a through 5.9.1. Published: December 29, 2023; 7:15:45 AM -0500	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available)
CVE-2023-50891	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoho Forms Form plugin for WordPress – Zoho Forms allows Stored XSS.This issue affects Form plugin for WordPress – Zoho Forms: from n/a through 3.0.1. Published: December 29, 2023; 7:15:45 AM -0500	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available)
CVE-2023-50889	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder – WordPress Page Builder allows Stored XSS.This issue affects Beaver Builder – WordPress Page Builder: from n/a through 2.7.2. Published: December 29, 2023; 7:15:45 AM -0500	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available)
CVE-2023-50879	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WordPress.Com Editing Toolkit allows Stored XSS.This issue affects WordPress.Com Editing Toolkit: from n/a through 3.78784. Published: December 29, 2023; 7:15:44 AM -0500	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available)
CVE-2023-52135	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WS Form WS Form LITE – Drag & Drop Contact Form Builder for WordPress.This issue affects WS Form LITE – Drag & Drop Contact Form Builder for WordPress: from n/a through 1.9.170. Published: December 29, 2023; 6:15:11 AM -0500	V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available)
CVE-2023-51372	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HashBar – WordPress Notification Bar allows Stored XSS.This issue affects HashBar – WordPress Notification Bar: from n/a through 1.4.1. Published: December 29, 2023; 6:15:09 AM -0500	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0:(not available)
CVE-2023-50896	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weForms weForms – Easy Drag & Drop Contact Form Builder For WordPress allows Stored XSS.This issue affects weForms – Easy Drag & Drop Contact Form Builder For WordPress: from n/a through 1.6.17. Published: December 29, 2023; 6:15:08 AM -0500	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0:(not available)
CVE-2022-44589	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in miniOrange miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email \| Passwordless login.This issue affects miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email \| Passwordless login: from n/a through 5.6.1. Published: December 29, 2023; 5:15:08 AM -0500	V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available)
CVE-2023-40606	Improper Control of Generation of Code ('Code Injection') vulnerability in Kanban for WordPress Kanban Boards for WordPress.This issue affects Kanban Boards for WordPress: from n/a through 2.5.21. Published: December 29, 2023; 4:15:08 AM -0500	V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available)
CVE-2022-36399	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BoxyStudio Booked - Appointment Booking for WordPress \| Calendars.This issue affects Booked - Appointment Booking for WordPress \| Calendars: from n/a before 2.4.4. Published: December 28, 2023; 5:15:45 PM -0500	V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available)
CVE-2023-50845	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AyeCode - WordPress Business Directory Plugins GeoDirectory – WordPress Business Directory Plugin, or Classified Directory.This issue affects GeoDirectory – WordPress Business Directory Plugin, or Classified Directory: from n/a through 2.3.28. Published: December 28, 2023; 2:15:15 PM -0500	V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available)
CVE-2023-50849	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23. Published: December 28, 2023; 7:15:42 AM -0500	V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available)
CVE-2023-50856	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels & Maximize Profits.This issue affects Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels & Maximize Profits: from n/a through 2.14.3. Published: December 28, 2023; 6:15:09 AM -0500	V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available)
CVE-2023-27447	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in VeronaLabs WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc.This issue affects WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc: from n/a through 6.0.4. Published: December 28, 2023; 6:15:07 AM -0500	V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available)
CVE-2023-51501	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Undsgn Uncode - Creative & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Uncode - Creative & WooCommerce WordPress Theme: from n/a through 2.8.6. Published: December 28, 2023; 5:15:09 AM -0500	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available)
CVE-2023-50874	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darren Cooney WordPress Infinite Scroll – Ajax Load More allows Stored XSS.This issue affects WordPress Infinite Scroll – Ajax Load More: from n/a through 6.1.0.1. Published: December 28, 2023; 5:15:08 AM -0500	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available)