Simple\ CVEs and Security Vulnerabilities

Export limit exceeded: 341202 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 42), (line:1, col:43)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341202 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-25454	2 Mvpthemes, Wordpress	2 The League, Wordpress	2026-03-30	6.5 Medium
Missing Authorization vulnerability in MVPThemes The League the-league allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The League: from n/a through <= 4.4.1.
CVE-2026-25462	2 Avalex, Wordpress	2 Avalex, Wordpress	2026-03-30	6.5 Medium
Missing Authorization vulnerability in avalex avalex avalex allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects avalex: from n/a through <= 3.1.3.
CVE-2026-27078	2 Mikado-themes, Wordpress	2 Emaurri, Wordpress	2026-03-30	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Emaurri emaurri allows PHP Local File Inclusion.This issue affects Emaurri: from n/a through <= 1.0.1.
CVE-2026-27080	2 Mikado-themes, Wordpress	2 Deston, Wordpress	2026-03-30	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Deston deston allows PHP Local File Inclusion.This issue affects Deston: from n/a through <= 1.0.
CVE-2026-31921	2 Devteam Haywoodtech, Wordpress	2 Product Rearrange For Woocommerce, Wordpress	2026-03-30	8.2 High
Missing Authorization vulnerability in Devteam HaywoodTech Product Rearrange for WooCommerce products-rearrange-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Rearrange for WooCommerce: from n/a through <= 1.2.2.
CVE-2026-25460	2 Liquidthemes, Wordpress	2 Ave Core, Wordpress	2026-03-30	6.3 Medium
Missing Authorization vulnerability in LiquidThemes Ave Core ave-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ave Core: from n/a through <= 2.9.1.
CVE-2026-25413	2 Iqonicdesign, Wordpress	2 Wpbookit Pro, Wordpress	2026-03-30	9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Using Malicious Files.This issue affects WPBookit Pro: from n/a through <= 1.6.18.
CVE-2026-25334	2 Wordpress, Wordpresschef	2 Wordpress, Salon Booking System Pro	2026-03-30	8.1 High
Incorrect Privilege Assignment vulnerability in wordpresschef Salon Booking System Pro salon-booking-plugin-pro allows Privilege Escalation.This issue affects Salon Booking System Pro: from n/a through < 10.30.12.
CVE-2026-25401	2 Arni Cinco, Wordpress	2 Wpcargo Track & Trace, Wordpress	2026-03-30	7.5 High
Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through <= 8.0.2.
CVE-2026-24970	2 Designingmedia, Wordpress	2 Energox, Wordpress	2026-03-30	7.7 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in designingmedia Energox energox allows Path Traversal.This issue affects Energox: from n/a through <= 1.2.
CVE-2026-25309	2 Publishpress, Wordpress	2 Publishpress Authors, Wordpress	2026-03-30	7.5 High
Missing Authorization vulnerability in PublishPress PublishPress Authors publishpress-authors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PublishPress Authors: from n/a through <= 4.10.1.
CVE-2026-25396	2 Coderpress, Wordpress	2 Commerce Coinbase For Woocommerce, Wordpress	2026-03-30	7.5 High
Missing Authorization vulnerability in CoderPress Commerce Coinbase For WooCommerce commerce-coinbase-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Commerce Coinbase For WooCommerce: from n/a through <= 1.6.6.
CVE-2026-27051	2 Uxper, Wordpress	2 Golo, Wordpress	2026-03-30	9.8 Critical
Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through <= 1.7.0.
CVE-2026-32489	2 Bplugins, Wordpress	2 B Blocks, Wordpress	2026-03-30	6.5 Medium
Missing Authorization vulnerability in bPlugins B Blocks b-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects B Blocks: from n/a through < 2.0.30.
CVE-2026-24373	2 Metagauss, Wordpress	2 Registrationmagic, Wordpress	2026-03-30	8.1 High
Incorrect Privilege Assignment vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Privilege Escalation.This issue affects RegistrationMagic: from n/a through <= 6.0.7.1.
CVE-2026-24378	2 Metagauss, Wordpress	2 Eventprime, Wordpress	2026-03-30	9.8 Critical
Deserialization of Untrusted Data vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Object Injection.This issue affects EventPrime: from n/a through <= 4.2.8.0.
CVE-2026-24964	2 Wasiliy Strecker / Contestgallery Developer, Wordpress	2 Contest Gallery, Wordpress	2026-03-30	6.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Server Side Request Forgery.This issue affects Contest Gallery: from n/a through <= 28.1.2.1.
CVE-2026-24980	2 Nootheme, Wordpress	2 Visionary Core, Wordpress	2026-03-30	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Visionary Core noo-visionary-core allows Reflected XSS.This issue affects Visionary Core: from n/a through <= 1.4.9.
CVE-2026-24981	2 Nootheme, Wordpress	2 Visionary Core, Wordpress	2026-03-30	8.8 High
Deserialization of Untrusted Data vulnerability in NooTheme Visionary Core noo-visionary-core allows Object Injection.This issue affects Visionary Core: from n/a through <= 1.4.9.
CVE-2026-24989	2 Fantasticplugins, Wordpress	2 Sumo Affiliates Pro, Wordpress	2026-03-30	9.8 Critical
Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through < 11.4.0.

« first previous Page 18 of 17061. next last »