Total CVEs

141,292

Critical Severity

3,799

High Severity

13,738

Last 7 Days

1,583
Quick preset (or use dates below)
Clear Filters
Showing 9,401 - 9,420 of 14,211 CVEs
CVE-2026-32411 MEDIUM - 6.5

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simpma Embed Calendly embed-calendly-scheduling allows Stored XSS.This issue affects Embed Calendly: from n/a through <= 4.4.

Vendor: Simpma
Product: Embed Calendly
Published: Mar 13, 2026
Source: NVD
CVE-2026-32410 MEDIUM - 5.3

Missing Authorization vulnerability in WBW Plugins WBW Currency Switcher for WooCommerce woo-currency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WBW Currency Switcher for WooCommerce: from n/a through <= 2.2.5.

Vendor: WBW Plugins
Product: WBW Currency Switcher for WooCommerce
Published: Mar 13, 2026
Source: NVD
CVE-2026-32409 MEDIUM - 5.3

Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Forminator: from n/a through <= 1.50.2.

Vendor: WPMU DEV - Your All-in-One WordPress Platform
Product: Forminator
Published: Mar 13, 2026
Source: NVD
CVE-2026-32408 MEDIUM - 4.3

Missing Authorization vulnerability in themefusecom Brizy brizy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy: from n/a through <= 2.7.23.

Vendor: themefusecom
Product: Brizy
Published: Mar 13, 2026
Source: NVD
CVE-2026-32407 MEDIUM - 4.3

Missing Authorization vulnerability in WPClever WPC Smart Wishlist for WooCommerce woo-smart-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Smart Wishlist for WooCommerce: from n/a through <= 5.0.8.

Vendor: WPClever
Product: WPC Smart Wishlist for WooCommerce
Published: Mar 13, 2026
Source: NVD
CVE-2026-32406 MEDIUM - 4.3

Missing Authorization vulnerability in WPClever WPC Product Bundles for WooCommerce woo-product-bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Product Bundles for WooCommerce: from n/a through <= 8.4.5.

Vendor: WPClever
Product: WPC Product Bundles for WooCommerce
Published: Mar 13, 2026
Source: NVD
CVE-2026-32405 MEDIUM - 5.3

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos WoodMart woodmart allows Retrieve Embedded Sensitive Data.This issue affects WoodMart: from n/a through <= 8.3.9.

Vendor: xtemos
Product: WoodMart
Published: Mar 13, 2026
Source: NVD
CVE-2026-32404 MEDIUM - 5.3

Missing Authorization vulnerability in Studio99 Studio99 WP Monitor studio99-wp-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Studio99 WP Monitor: from n/a through <= 1.0.3.

Vendor: Studio99
Product: Studio99 WP Monitor
Published: Mar 13, 2026
Source: NVD
CVE-2026-32403 MEDIUM - 6.5

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toocheke Toocheke Companion toocheke-companion allows DOM-Based XSS.This issue affects Toocheke Companion: from n/a through <= 1.194.

Vendor: toocheke
Product: Toocheke Companion
Published: Mar 13, 2026
Source: NVD
CVE-2026-32402 MEDIUM - 5.3

Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through <= 2.7.1.

Vendor: Ays Pro
Product: Image Slider by Ays
Published: Mar 13, 2026
Source: NVD
CVE-2026-32398 MEDIUM - 6.5

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Subrata Mal TeraWallet โ€“ For WooCommerce woo-wallet allows Leveraging Race Conditions.This issue affects TeraWallet โ€“ For WooCommerce: from n/a through <= 1.5.15.

Vendor: Subrata Mal
Product: TeraWallet โ€“ For WooCommerce
Published: Mar 13, 2026
Source: NVD
CVE-2026-32397 MEDIUM - 5.3

Missing Authorization vulnerability in YMC Filter & Grids ymc-smart-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter & Grids: from n/a through <= 3.5.1.

Vendor: YMC
Product: Filter & Grids
Published: Mar 13, 2026
Source: NVD
CVE-2026-32396 MEDIUM - 5.3

Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13.

Vendor: RadiusTheme
Product: Team
Published: Mar 13, 2026
Source: NVD
CVE-2026-32395 MEDIUM - 5.3

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder &#8211; Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder &#8211; Lite: from n/a through <= 1.5.6.

Vendor: Xpro
Product: Xpro Addons For Beaver Builder &#8211; Lite
Published: Mar 13, 2026
Source: NVD
CVE-2026-32394 MEDIUM - 4.3

Missing Authorization vulnerability in PublishPress PublishPress Capabilities capability-manager-enhanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PublishPress Capabilities: from n/a through <= 2.31.0.

Vendor: PublishPress
Product: PublishPress Capabilities
Published: Mar 13, 2026
Source: NVD
CVE-2026-32391 MEDIUM - 5.4

Missing Authorization vulnerability in linethemes SmartFix smartfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SmartFix: from n/a through < 1.2.4.

Vendor: linethemes
Product: SmartFix
Published: Mar 13, 2026
Source: NVD
CVE-2026-32390 MEDIUM - 5.4

Missing Authorization vulnerability in linethemes Nanosoft nanosoft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nanosoft: from n/a through < 1.3.2.

Vendor: linethemes
Product: Nanosoft
Published: Mar 13, 2026
Source: NVD
CVE-2026-32388 MEDIUM - 5.4

Missing Authorization vulnerability in linethemes GLB glb allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GLB: from n/a through <= 1.2.2.

Vendor: linethemes
Product: GLB
Published: Mar 13, 2026
Source: NVD
CVE-2026-32387 MEDIUM - 5.3

Missing Authorization vulnerability in Noor Alam Checkout for PayPal checkout-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout for PayPal: from n/a through <= 1.0.46.

Vendor: Noor Alam
Product: Checkout for PayPal
Published: Mar 13, 2026
Source: NVD
CVE-2026-32386 MEDIUM - 5.4

Missing Authorization vulnerability in EnvoThemes Envo Extra envo-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Extra: from n/a through <= 1.9.13.

Vendor: EnvoThemes
Product: Envo Extra
Published: Mar 13, 2026
Source: NVD