Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2023-50832 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mondula GmbH Multi Step Form allows Stored XSS.This issue affects Multi Step Form: from n/a throug... | 5.9 | MEDIUM | — | 0 |
| CVE-2023-50833 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExtendThemes Colibri Page Builder allows Stored XSS.This issue affects Colibri Page Builder: from ... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-32747 Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-32799 Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-47191 Authorization Bypass Through User-Controlled Key vulnerability in KaineLabs Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress.This issue affects Youzify – ... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-49765 Authorization Bypass Through User-Controlled Key vulnerability in Blaz K. Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.1. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-50834 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu E... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-50874 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darren Cooney WordPress Infinite Scroll – Ajax Load More allows Stored XSS.This issue affects Word... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-51501 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Undsgn Uncode - Creative & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Unc... | 7.1 | HIGH | — | 0 |
| CVE-2023-27447 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in VeronaLabs WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc.This issue affects WP SMS – M... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-32513 Deserialization of Untrusted Data vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform.This issue affects GiveWP – Donation Plugin and Fundraising Platform: from n/a through 2.25.... | 7.5 | HIGH | — | 0 |
| CVE-2023-32795 Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a through 6.1.3. | 8.2 | HIGH | — | 0 |
| CVE-2023-36381 Deserialization of Untrusted Data vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.5. | 6.6 | MEDIUM | — | 0 |
| CVE-2023-50836 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibericode HTML Forms allows Stored XSS.This issue affects HTML Forms: from n/a through 1.3.28. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-50856 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create... | 7.6 | HIGH | — | 0 |
| CVE-2023-50857 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation ... | 7.6 | HIGH | — | 0 |
| CVE-2023-50858 Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan.This issue affects Disable Json API, Login Lo... | 5.4 | MEDIUM | — | 0 |
| CVE-2023-50859 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum WP Crowdfunding allows Stored XSS.This issue affects WP Crowdfunding: from n/a through 2.1... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-50860 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TMS Booking for Appointments and Events Calendar – Amelia allows Stored XSS.This issue affects Boo... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-50873 Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Add Any Extension to Pages.This issue affects Add Any Extension to Pages: from n/a through 1.4. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-50848 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0. | 7.6 | HIGH | — | 0 |
| CVE-2023-50849 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool f... | 7.6 | HIGH | — | 0 |
| CVE-2023-50851 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in N Squared Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin.This issue af... | 7.6 | HIGH | — | 0 |
| CVE-2023-50852 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Booking Calendar | Appointment Booking | BookIt.This issue affects Booking Calendar... | 7.6 | HIGH | — | 0 |
| CVE-2023-50853 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nasirahmed Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and... | 7.6 | HIGH | — | 0 |
| CVE-2023-50854 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Squirrly Squirrly SEO - Advanced Pack.This issue affects Squirrly SEO - Advanced Pack: from n/a be... | 7.6 | HIGH | — | 0 |
| CVE-2023-50855 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sam Perrow Pre* Party Resource Hints.This issue affects Pre* Party Resource Hints: from n/a throug... | 7.6 | HIGH | — | 0 |
| CVE-2023-50840 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevelop, oplugins Booking Manager.This issue affects Booking Manager: from n/a through 2.1.5. | 8.5 | HIGH | — | 0 |
| CVE-2026-21253 Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally. | 7.0 | HIGH | — | 0 |
| CVE-2026-24294 Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-28867 This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, ... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-30533 A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage_product.php file via the "id" parameter. | 9.8 | CRITICAL | — | 0 |
| CVE-2023-50841 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin... | 8.5 | HIGH | — | 0 |
| CVE-2023-50842 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar: from n/a through 1.2.1. | 8.5 | HIGH | — | 0 |
| CVE-2023-50843 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Clockwork Clockwork SMS Notfications.This issue affects Clockwork SMS Notfications: from n/a throu... | 7.6 | HIGH | — | 0 |
| CVE-2023-50844 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in James Ward Mail logging – WP Mail Catcher.This issue affects Mail logging – WP Mail Catcher: from ... | 7.6 | HIGH | — | 0 |
| CVE-2023-50845 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AyeCode - WordPress Business Directory Plugins GeoDirectory – WordPress Business Directory Plugin,... | 7.6 | HIGH | — | 0 |
| CVE-2023-50846 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and U... | 7.6 | HIGH | — | 0 |
| CVE-2023-50847 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Collne Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.3. | 7.6 | HIGH | — | 0 |
| CVE-2023-50838 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms... | 7.6 | HIGH | — | 0 |
| CVE-2023-50839 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best... | 9.3 | CRITICAL | — | 0 |
| CVE-2022-36399 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BoxyStudio Booked - Appointment Booking for WordPress | Calendars.This issue affects Booked - Appointment Booking for WordPr... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-22676 Missing Authorization vulnerability in Anders Thorborg.This issue affects Anders Thorborg: from n/a through 1.4.12. | 3.1 | LOW | — | 0 |
| CVE-2023-22677 Improper Control of Generation of Code ('Code Injection') vulnerability in BinaryStash WP Booklet.This issue affects WP Booklet: from n/a through 2.1.8. | 8.5 | HIGH | — | 0 |
| CVE-2023-25054 Improper Control of Generation of Code ('Code Injection') vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a through 10.6.6. | 10.0 | CRITICAL | — | 0 |
| CVE-2023-32095 Improper Control of Generation of Code ('Code Injection') vulnerability in Milan Dinić Rename Media Files.This issue affects Rename Media Files: from n/a through 1.0.1. | 9.9 | CRITICAL | — | 0 |
| CVE-2023-40606 Improper Control of Generation of Code ('Code Injection') vulnerability in Kanban for WordPress Kanban Boards for WordPress.This issue affects Kanban Boards for WordPress: from n/a through 2.5.21. | 9.1 | CRITICAL | — | 0 |
| CVE-2023-45751 Improper Control of Generation of Code ('Code Injection') vulnerability in POSIMYTH Nexter Extension.This issue affects Nexter Extension: from n/a through 2.0.3. | 9.1 | CRITICAL | — | 0 |
| CVE-2023-46623 Improper Control of Generation of Code ('Code Injection') vulnerability in TienCOP WP EXtra.This issue affects WP EXtra: from n/a through 6.2. | 9.9 | CRITICAL | — | 0 |
| CVE-2023-47840 Improper Control of Generation of Code ('Code Injection') vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2. | 9.9 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.