Search

Expected end of text, found ':' (at char 25), (line:1, col:26)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341233 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-27049 2 Nootheme, Wordpress 2 Jobica Core, Wordpress 2026-03-30 9.8 Critical
Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobica Core jobica-core allows Authentication Abuse.This issue affects Jobica Core: from n/a through <= 1.4.2.
CVE-2026-31914 2 Hookandhook, Wordpress 2 Wp Courses Lms, Wordpress 2026-03-30 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hookandhook WP Courses LMS wp-courses allows DOM-Based XSS.This issue affects WP Courses LMS: from n/a through <= 3.2.26.
CVE-2026-32441 2 Webtoffee, Wordpress 2 Wordpress Comments Import And Export, Wordpress 2026-03-30 7.7 High
Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comments Import & Export: from n/a through <= 2.4.9.
CVE-2026-32532 2 Themehunk, Wordpress 2 Contact Form & Lead Form Elementor Builder, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Stored XSS.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through <= 2.0.1.
CVE-2026-32505 2 Creativews, Wordpress 2 Kiddy, Wordpress 2026-03-30 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS Kiddy kiddy allows PHP Local File Inclusion.This issue affects Kiddy: from n/a through <= 2.0.8.
CVE-2026-32523 2 Denishua, Wordpress 2 Wpjam Basic, Wordpress 2026-03-30 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files.This issue affects WPJAM Basic: from n/a through <= 6.9.2.
CVE-2026-32530 2 Wordpress, Wpfunnels 2 Wordpress, Creator Lms 2026-03-30 8.8 High
Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through <= 1.1.18.
CVE-2026-32533 2 Latepoint, Wordpress 2 Latepoint, Wordpress 2026-03-30 6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LatePoint: from n/a through <= 5.2.6.
CVE-2026-32541 2 Premmerce, Wordpress 2 Premmerce Redirect Manager, Wordpress 2026-03-30 6.5 Medium
Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through <= 1.0.12.
CVE-2026-32519 2 Bitapps, Wordpress 2 Bit Smtp, Wordpress 2026-03-30 9 Critical
Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit-smtp allows Privilege Escalation.This issue affects Bit SMTP: from n/a through <= 1.2.2.
CVE-2026-27084 2 Themerex, Wordpress 2 Buisson, Wordpress 2026-03-30 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object Injection.This issue affects Buisson: from n/a through <= 1.1.11.
CVE-2026-32503 2 Creativews, Wordpress 2 Trendustry, Wordpress 2026-03-30 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS Trendustry trendustry allows PHP Local File Inclusion.This issue affects Trendustry: from n/a through <= 1.1.4.
CVE-2026-27076 2 Mikado-themes, Wordpress 2 Luxedrive, Wordpress 2026-03-30 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes LuxeDrive luxedrive allows PHP Local File Inclusion.This issue affects LuxeDrive: from n/a through <= 1.0.
CVE-2026-25400 2 Thememount, Wordpress 2 Apicona, Wordpress 2026-03-30 8.8 High
Deserialization of Untrusted Data vulnerability in thememount Apicona apicona allows Object Injection.This issue affects Apicona: from n/a through <= 24.1.0.
CVE-2026-32484 2 Boldgrid, Wordpress 2 Weforms, Wordpress 2026-03-30 8.8 High
Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through <= 1.6.26.
CVE-2026-27040 2 Aa-team, Wordpress 2 Wzone, Wordpress 2026-03-30 8.8 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through <= 14.0.31.
CVE-2026-27082 2 Themerex, Wordpress 2 Love Story, Wordpress 2026-03-30 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through <= 1.3.12.
CVE-2026-32502 2 Select-themes, Wordpress 2 Borgholm, Wordpress 2026-03-30 9.8 Critical
Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing-agency-theme allows Object Injection.This issue affects Borgholm: from n/a through < 1.6.
CVE-2026-32512 2 Edge-themes, Wordpress 2 Pelicula, Wordpress 2026-03-30 9.8 Critical
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through < 1.10.
CVE-2026-24976 2 Nootheme, Wordpress 2 Organici Library, Wordpress 2026-03-30 8.8 High
Deserialization of Untrusted Data vulnerability in NooTheme Organici Library noo-organici-library allows Object Injection.This issue affects Organici Library: from n/a through <= 2.1.2.