Vulnerabilidades CVE

Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD

Total: 16,827 CVEs

CVE ID	CVSS	Severidad	KEV	Publicado
CVE-2026-32427 Missing Authorization vulnerability in vowelweb VW Education Lite vw-education-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Education Lite: from n...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32426 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themelexus Medilazar Core medilazar-core allows PHP Local File Inclusion.This i...	7.5	HIGH	—	3/13/2026
CVE-2026-32425 Missing Authorization vulnerability in linknacional Payment Gateway Pix For GiveWP payment-gateway-pix-for-givewp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32424 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Sprout Clients sprout-clients allows Stored XSS.This issue affects Sprout Clients: from n...	6.5	MEDIUM	—	3/13/2026
CVE-2026-32423 Missing Authorization vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin a...	5.4	MEDIUM	—	3/13/2026
CVE-2026-32422 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP Easy...	8.5	HIGH	—	3/13/2026
CVE-2026-32421 Missing Authorization vulnerability in Agile Logix Post Timeline post-timeline allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Timeline: from n/a throug...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32420 Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garcia GamiPress gamipress allows Cross Site Request Forgery.This issue affects GamiPress: from n/a through <= 7.6.6.	5.4	MEDIUM	—	3/13/2026
CVE-2026-32419 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fernando Briano List category posts list-category-posts allows DOM-Based XSS.This issue affects Li...	5.9	MEDIUM	—	3/13/2026
CVE-2026-32418 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordy Meow Meow Gallery meow-gallery allows Blind SQL Injection.This issue affects Meow Gallery: f...	7.6	HIGH	—	3/13/2026
CVE-2026-32417 Missing Authorization vulnerability in wppochipp Pochipp pochipp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pochipp: from n/a through < 1.18.9.	5.4	MEDIUM	—	3/13/2026
CVE-2026-32416 Missing Authorization vulnerability in bPlugins PDF Poster pdf-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF Poster: from n/a through <= 2.4.0.	5.4	MEDIUM	—	3/13/2026
CVE-2026-32415 Path Traversal: '.../...//' vulnerability in Bogdan Bendziukov Squeeze squeeze allows Path Traversal.This issue affects Squeeze: from n/a through <= 1.7.7.	5.0	MEDIUM	—	3/13/2026
CVE-2026-32414 Improper Control of Generation of Code ('Code Injection') vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Remote Code Inclusion.This issue affects Advanced Woo Labels: from n/a t...	7.2	HIGH	—	3/13/2026
CVE-2026-32413 Missing Authorization vulnerability in Maciej Bis Permalink Manager Lite permalink-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Permalink Manager ...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32412 Server-Side Request Forgery (SSRF) vulnerability in Gift Up! Gift Up Gift Cards for WordPress and WooCommerce gift-up allows Server Side Request Forgery.This issue affects Gift Up Gift Cards for WordP...	5.4	MEDIUM	—	3/13/2026
CVE-2026-32411 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simpma Embed Calendly embed-calendly-scheduling allows Stored XSS.This issue affects Embed Calendl...	6.5	MEDIUM	—	3/13/2026
CVE-2026-32410 Missing Authorization vulnerability in WBW Plugins WBW Currency Switcher for WooCommerce woo-currency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WBW Cur...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32409 Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fo...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32408 Missing Authorization vulnerability in themefusecom Brizy brizy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy: from n/a through <= 2.7.23.	4.3	MEDIUM	—	3/13/2026
CVE-2026-32407 Missing Authorization vulnerability in WPClever WPC Smart Wishlist for WooCommerce woo-smart-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Sma...	4.3	MEDIUM	—	3/13/2026
CVE-2026-32406 Missing Authorization vulnerability in WPClever WPC Product Bundles for WooCommerce woo-product-bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Pr...	4.3	MEDIUM	—	3/13/2026
CVE-2026-32405 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos WoodMart woodmart allows Retrieve Embedded Sensitive Data.This issue affects WoodMart: from n/a throu...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32404 Missing Authorization vulnerability in Studio99 Studio99 WP Monitor studio99-wp-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Studio99 WP Monitor: ...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32403 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toocheke Toocheke Companion toocheke-companion allows DOM-Based XSS.This issue affects Toocheke Co...	6.5	MEDIUM	—	3/13/2026
CVE-2026-32402 Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a t...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32401 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows PHP Local F...	7.2	HIGH	—	3/13/2026
CVE-2026-32400 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemetechMount Boldman boldman allows PHP Local File Inclusion.This issue affec...	7.5	HIGH	—	3/13/2026
CVE-2026-32399 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Blind SQL Injection.This issu...	8.5	HIGH	—	3/13/2026
CVE-2026-32398 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Subrata Mal TeraWallet – For WooCommerce woo-wallet allows Leveraging Race Conditions.This ...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32397 Missing Authorization vulnerability in YMC Filter & Grids ymc-smart-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter & Grids: from n/a through <...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32396 Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13.	5.3	MEDIUM	—	3/13/2026
CVE-2026-32395 Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.Thi...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32394 Missing Authorization vulnerability in PublishPress PublishPress Capabilities capability-manager-enhanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pub...	4.3	MEDIUM	—	3/13/2026
CVE-2026-32393 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Greenly Theme Addons greenly-addons allows PHP Local File Incl...	7.5	HIGH	—	3/13/2026
CVE-2026-32392 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Greenly greenly allows PHP Local File Inclusion.This issue aff...	7.5	HIGH	—	3/13/2026
CVE-2026-32391 Missing Authorization vulnerability in linethemes SmartFix smartfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SmartFix: from n/a through < 1.2.4.	5.4	MEDIUM	—	3/13/2026
CVE-2026-32390 Missing Authorization vulnerability in linethemes Nanosoft nanosoft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nanosoft: from n/a through < 1.3.2.	5.4	MEDIUM	—	3/13/2026
CVE-2026-32388 Missing Authorization vulnerability in linethemes GLB glb allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GLB: from n/a through <= 1.2.2.	5.4	MEDIUM	—	3/13/2026
CVE-2026-32387 Missing Authorization vulnerability in Noor Alam Checkout for PayPal checkout-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout for PayPal:...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32386 Missing Authorization vulnerability in EnvoThemes Envo Extra envo-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Extra: from n/a through <= 1.9.1...	5.4	MEDIUM	—	3/13/2026
CVE-2026-32385 Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This...	5.4	MEDIUM	—	3/13/2026
CVE-2026-32384 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam WpBookingly service-booking-manager allows PHP Local File Inclus...	7.5	HIGH	—	3/13/2026
CVE-2026-32383 Missing Authorization vulnerability in raratheme Ridhi ridhi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ridhi: from n/a through <= 1.1.2.	5.3	MEDIUM	—	3/13/2026
CVE-2026-32382 Missing Authorization vulnerability in raratheme Digital Download digital-download allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Digital Download: from n/a...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32381 Missing Authorization vulnerability in raratheme App Landing Page app-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Landing Page: from n/a...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32380 Missing Authorization vulnerability in raratheme Numinous numinous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Numinous: from n/a through <= 1.3.0.	5.3	MEDIUM	—	3/13/2026
CVE-2026-32379 Missing Authorization vulnerability in raratheme Rara Academic rara-academic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rara Academic: from n/a through ...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32378 Missing Authorization vulnerability in raratheme Book Landing Page book-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Landing Page: from ...	5.3	MEDIUM	—	3/13/2026
CVE-2026-32377 Missing Authorization vulnerability in raratheme Pranayama Yoga pranayama-yoga allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pranayama Yoga: from n/a throu...	5.3	MEDIUM	—	3/13/2026

Pagina 152 de 337

Anterior Siguiente

This product uses data from the NVD API but is not endorsed or certified by the NVD.