Wordfence Intelligence   >   Search Results

Showing 361-380 of 453 search results

Refine your search

Tip: You can search by CVE ID, software name or slug, or the researcher name. Expand to read about more advanced search options.

If you want to perform more advanced lookups, you can use keywords to further refine your search.

For example, woocommerce researcher:"chloe chamberland" would search for any vulnerabilities discovered by Chloe Chamberland in software that has WooCommerce in the title.

Keywords are added in keyword:value format. If the value contains spaces, you must enclose it in quotation marks.

You can use the following keywords to add criteria to your search:

title
Searches through the title of each vulnerability for matches.
date
Returns vulnerabilities by publication date. Use YYYY-MM-DD, YYYY-MM or YYYY format.
cvss-rating
Use low, medium, high or critical to limit the search to vulnerabilities with the specified rating.
researcher
Returns vulnerabilities credited to researchers containing the given text.
software
Returns vulnerabilities discovered in software containing the given text.
software-slug
Returns vulnerabilities discovered in software exactly matching the given slug.
software-type
Use plugin, theme or core to limit the search to the specified type of software.
By selecting “Search” you acknowledge that you have read and agree to the Wordfence Intelligence Terms and Conditions.
Mega Main Menu <= 2.2.2 - Information Disclosure
5.3
CVE ID Unknown
Jan 10, 2023
Researcher: indoushka
Easy Testimonials <= 3.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2022-4577
Jan 10, 2023
Researcher: István Márton
Strong Testimonials <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4717
Jan 10, 2023
Researcher: István Márton
Clean Login <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4838
Jan 10, 2023
Researcher: István Márton
PDF.js Viewer <= 2.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4670
Jan 10, 2023
Researcher: István Márton
Royal Elementor Addons <= 1.3.59 - Cross-Site Request Forgery to Menu Template creation
4.3
CVE-2022-4707
Jan 10, 2023
Researcher: Ram
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Activation
4.3
CVE-2022-4701
Jan 10, 2023
Researcher: Ram
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Import Deletion
4.3
CVE-2022-4703
Jan 10, 2023
Researcher: Ram
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Import
5.4
CVE-2022-4704
Jan 10, 2023
Researcher: Ram
Page View Count <= 2.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-0095
Jan 10, 2023
Researcher: István Márton
YourChannel <= 1.2.2 Authenticated (Contributor+) Cross-Site Scripting via Shortcode
7.4
CVE-2022-4833
Jan 10, 2023
Researcher: István Márton
Event Manager and Tickets Selling Plugin for WooCommerce <= 3.7.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2023-0144
Jan 10, 2023
Researcher: István Márton
Royal Elementor Addons <= 1.3.59 - Reflected Cross-Site Scripting
6.1
CVE-2022-4710
Jan 10, 2023
Researcher: Ram
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Conditions Modification
4.3
CVE-2022-4708
Jan 10, 2023
Researcher: Ram
PPWP – WordPress Password Protect Page <= 1.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4626
Jan 10, 2023
Researcher: István Márton
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Menu Settings Update
4.3
CVE-2022-4711
Jan 10, 2023
Researcher: Ram
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Deactivation
5.4
CVE-2022-4702
Jan 10, 2023
Researcher: Ram
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Theme Activation
5.4
CVE-2022-4700
Jan 10, 2023
Researcher: Ram
User Meta Manager <= 3.4.9 - Cross Site Request Forgery
8.8
CVE-2023-23712
Jan 10, 2023
Researcher: thiennv
WP-ShowHide <= 1.04 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2022-4825
Jan 10, 2023
Researcher: István Márton
Title CVE ID CVSS Researchers Date
Mega Main Menu <= 2.2.2 - Information Disclosure 5.3 indoushka January 10, 2023
Easy Testimonials <= 3.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-4577 6.4 István Márton January 10, 2023
Strong Testimonials <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4717 6.4 István Márton January 10, 2023
Clean Login <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4838 6.4 István Márton January 10, 2023
PDF.js Viewer <= 2.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4670 6.4 István Márton January 10, 2023
Royal Elementor Addons <= 1.3.59 - Cross-Site Request Forgery to Menu Template creation CVE-2022-4707 4.3 Ram January 10, 2023
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Activation CVE-2022-4701 4.3 Ram January 10, 2023
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Import Deletion CVE-2022-4703 4.3 Ram January 10, 2023
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Import CVE-2022-4704 5.4 Ram January 10, 2023
Page View Count <= 2.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-0095 6.4 István Márton January 10, 2023
YourChannel <= 1.2.2 Authenticated (Contributor+) Cross-Site Scripting via Shortcode CVE-2022-4833 7.4 István Márton January 10, 2023
Event Manager and Tickets Selling Plugin for WooCommerce <= 3.7.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0144 6.4 István Márton January 10, 2023
Royal Elementor Addons <= 1.3.59 - Reflected Cross-Site Scripting CVE-2022-4710 6.1 Ram January 10, 2023
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Conditions Modification CVE-2022-4708 4.3 Ram January 10, 2023
PPWP – WordPress Password Protect Page <= 1.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4626 6.4 István Márton January 10, 2023
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Menu Settings Update CVE-2022-4711 4.3 Ram January 10, 2023
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Deactivation CVE-2022-4702 5.4 Ram January 10, 2023
Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Theme Activation CVE-2022-4700 5.4 Ram January 10, 2023
User Meta Manager <= 3.4.9 - Cross Site Request Forgery CVE-2023-23712 8.8 thiennv January 10, 2023
WP-ShowHide <= 1.04 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4825 6.4 István Márton January 10, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation