Wordfence Intelligence   >   Search Results

Showing 101-120 of 907 search results

Refine your search

Tip: You can search by CVE ID, software name or slug, or the researcher name. Expand to read about more advanced search options.

If you want to perform more advanced lookups, you can use keywords to further refine your search.

For example, woocommerce researcher:"chloe chamberland" would search for any vulnerabilities discovered by Chloe Chamberland in software that has WooCommerce in the title.

Keywords are added in keyword:value format. If the value contains spaces, you must enclose it in quotation marks.

You can use the following keywords to add criteria to your search:

title
Searches through the title of each vulnerability for matches.
date
Returns vulnerabilities by publication date. Use YYYY-MM-DD, YYYY-MM or YYYY format.
cvss-rating
Use low, medium, high or critical to limit the search to vulnerabilities with the specified rating.
researcher
Returns vulnerabilities credited to researchers containing the given text.
software
Returns vulnerabilities discovered in software containing the given text.
software-slug
Returns vulnerabilities discovered in software exactly matching the given slug.
software-type
Use plugin, theme or core to limit the search to the specified type of software.
By selecting “Search” you acknowledge that you have read and agree to the Wordfence Intelligence Terms and Conditions.
Enhanced Text Widget <= 1.6.3 - Missing Authorization via etw_hide_admin_notification_callback
5.3
CVE-2023-49192
Dec 1, 2023
Researcher: Abdi Pranata
Social Pug <= 1.30.0 - Missing Authorization via multiple admin_init actions
5.3
CVE-2023-49193
Dec 1, 2023
Researcher: Abdi Pranata
PageLayer <= 1.7.7 - Cross-Site Request Forgery via pagelayer_load_plugin
5.3
CVE ID Unknown
Dec 1, 2023
Researchers:
Quotes for WooCommerce <= 2.0.1 - Missing Authorization
4.3
CVE-2023-51680
Nov 30, 2023
Researcher: Abdi Pranata
Quiz Maker <= 6.4.9.4 - Missing Authorization to Email Disclosure
5.3
CVE-2023-6155
Nov 30, 2023
Researcher: Krzysztof Zając
Database for CF7 <= 1.2.4 - Missing Authorization via wpcf7db_delete AJAX action
6.5
CVE-2023-49167
Nov 29, 2023
Researcher: Vladislav Pokrovsky (ΞX.MI)
Download Manager <= 3.2.82 - Unauthenticated Password Leak
5.3
CVE-2023-6421
Nov 29, 2023
Researcher: Liu Shaohong
Razorpay for WooCommerce <= 4.5.6 - Missing Authorization
4.3
CVE ID Unknown
Nov 28, 2023
Researchers:
Chronopost & Mondial relay pour WooCommerce - WCMultiShipping <= 2.3.7 - Incorrect Authorization
5.3
CVE ID Unknown
Nov 28, 2023
Researchers:
WP Mail Log <= 1.1.2 - Incorrect Authorization to Authenticated (Contributor+) Data Viewing and Deletion
6.5
CVE-2023-5644
Nov 28, 2023
Researcher: dc11
Multiple Plugins by Crocoblock <= (Various Versions) - Missing Authorization
6.3
CVE-2023-48761
Nov 28, 2023
Researcher: Rafie Muhammad
Button Generator – easily Button Builder <= 2.3.8 - Missing Authorization
5.3
CVE-2023-49154
Nov 28, 2023
Researcher: Elliot
IdeaPush <= 8.57 - Missing Authorization
4.3
CVE-2023-48774
Nov 28, 2023
Researcher: Abdi Pranata
WP Cleanfix <= 5.6.2 - Missing Authorization via register
7.1
CVE-2023-48775
Nov 28, 2023
Researcher: Abdi Pranata
Multiple Plugins by Crocoblock <= (Various Versions) - Missing Authorization to Unauthenticated Unauthorized Action
7.3
CVE-2023-48760
Nov 28, 2023
Researcher: Rafie Muhammad
Abandoned Cart Lite for WooCommerce <= 5.16.1 - Missing Authorization via multiple AJAX functions
5.4
CVE-2023-41671
Nov 28, 2023
Researcher: Mika
Export WP Page to Static HTML/CSS <= 2.1.9 - Missing Authorization via Multiple AJAX Actions
5.4
CVE-2023-6369
Nov 28, 2023
Researcher: Alex Thomas
JetEngine <= 3.2.4 - Missing Authorization
7.1
CVE-2023-48758
Nov 28, 2023
Researcher: Rafie Muhammad
LadiApp <= 4.3 - Missing Authorization
4.3
CVE-2023-49158
Nov 28, 2023
Researcher: Truoc Phan
JetElements For Elementor <= 2.6.13 - Missing Authorization to Unauthenticated Arbitrary Attachment Download
5.3
CVE-2023-48759
Nov 28, 2023
Researcher: Rafie Muhammad
Title CVE ID CVSS Researchers Date
Enhanced Text Widget <= 1.6.3 - Missing Authorization via etw_hide_admin_notification_callback CVE-2023-49192 5.3 Abdi Pranata December 1, 2023
Social Pug <= 1.30.0 - Missing Authorization via multiple admin_init actions CVE-2023-49193 5.3 Abdi Pranata December 1, 2023
PageLayer <= 1.7.7 - Cross-Site Request Forgery via pagelayer_load_plugin 5.3 December 1, 2023
Quotes for WooCommerce <= 2.0.1 - Missing Authorization CVE-2023-51680 4.3 Abdi Pranata November 30, 2023
Quiz Maker <= 6.4.9.4 - Missing Authorization to Email Disclosure CVE-2023-6155 5.3 Krzysztof Zając November 30, 2023
Database for CF7 <= 1.2.4 - Missing Authorization via wpcf7db_delete AJAX action CVE-2023-49167 6.5 Vladislav Pokrovsky (ΞX.MI) November 29, 2023
Download Manager <= 3.2.82 - Unauthenticated Password Leak CVE-2023-6421 5.3 Liu Shaohong November 29, 2023
Razorpay for WooCommerce <= 4.5.6 - Missing Authorization 4.3 November 28, 2023
Chronopost & Mondial relay pour WooCommerce - WCMultiShipping <= 2.3.7 - Incorrect Authorization 5.3 November 28, 2023
WP Mail Log <= 1.1.2 - Incorrect Authorization to Authenticated (Contributor+) Data Viewing and Deletion CVE-2023-5644 6.5 dc11 November 28, 2023
Multiple Plugins by Crocoblock <= (Various Versions) - Missing Authorization CVE-2023-48761 6.3 Rafie Muhammad November 28, 2023
Button Generator – easily Button Builder <= 2.3.8 - Missing Authorization CVE-2023-49154 5.3 Elliot November 28, 2023
IdeaPush <= 8.57 - Missing Authorization CVE-2023-48774 4.3 Abdi Pranata November 28, 2023
WP Cleanfix <= 5.6.2 - Missing Authorization via register CVE-2023-48775 7.1 Abdi Pranata November 28, 2023
Multiple Plugins by Crocoblock <= (Various Versions) - Missing Authorization to Unauthenticated Unauthorized Action CVE-2023-48760 7.3 Rafie Muhammad November 28, 2023
Abandoned Cart Lite for WooCommerce <= 5.16.1 - Missing Authorization via multiple AJAX functions CVE-2023-41671 5.4 Mika November 28, 2023
Export WP Page to Static HTML/CSS <= 2.1.9 - Missing Authorization via Multiple AJAX Actions CVE-2023-6369 5.4 Alex Thomas November 28, 2023
JetEngine <= 3.2.4 - Missing Authorization CVE-2023-48758 7.1 Rafie Muhammad November 28, 2023
LadiApp <= 4.3 - Missing Authorization CVE-2023-49158 4.3 Truoc Phan November 28, 2023
JetElements For Elementor <= 2.6.13 - Missing Authorization to Unauthenticated Arbitrary Attachment Download CVE-2023-48759 5.3 Rafie Muhammad November 28, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation