CWE-862 CVEs and Security Vulnerabilities

Export limit exceeded: 16319 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7268 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-24945	2 Themefic, Wordpress	2 Ultimate Addons For Contact Form 7, Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through <= 3.5.34.
CVE-2026-24940	1 Wordpress	1 Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in Themefic Travelfic Toolkit travelfic-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travelfic Toolkit: from n/a through <= 1.3.3.
CVE-2026-24947	2 La-studioweb, Wordpress	2 Element Kit For Elementor, Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through < 1.5.6.3.
CVE-2026-24997	1 Wordpress	1 Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in Wired Impact Wired Impact Volunteer Management wired-impact-volunteer-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wired Impact Volunteer Management: from n/a through <= 2.8.
CVE-2026-25011	2 Northern Beaches Websites, Wordpress	2 Wp Custom Admin Interface, Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through <= 7.41.
CVE-2026-25021	2 Mizan Themes, Wordpress	2 Mizan Demo Importer, Wordpress	2026-02-04	5.4 Medium
Missing Authorization vulnerability in Mizan Themes Mizan Demo Importer mizan-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mizan Demo Importer: from n/a through <= 0.1.3.
CVE-2026-24965	3 Contest-gallery, Contest Gallery, Wordpress	3 Contest Gallery, Contest Gallery, Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contest Gallery: from n/a through <= 28.1.1.
CVE-2026-25012	1 Wordpress	1 Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in gfazioli WP Bannerize Pro wp-bannerize-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bannerize Pro: from n/a through <= 1.11.0.
CVE-2026-24985	1 Wordpress	1 Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through <= 1.8.2.
CVE-2026-24995	1 Wordpress	1 Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through <= 14.2.0.
CVE-2026-24996	1 Wordpress	1 Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in wpelemento WPElemento Importer wpelemento-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPElemento Importer: from n/a through <= 0.6.4.
CVE-2026-24967	1 Wordpress	1 Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in ameliabooking Amelia ameliabooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Amelia: from n/a through <= 1.2.38.
CVE-2026-24994	2 Sunshinephotocart, Wordpress	2 Sunshine Photo Cart, Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.7.2.
CVE-2026-25020	2 Wordpress, Wp Connect	2 Wordpress, Wp Sync For Notion	2026-02-04	4.3 Medium
Missing Authorization vulnerability in WP connect WP Sync for Notion wp-sync-for-notion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sync for Notion: from n/a through <= 1.7.0.
CVE-2026-25016	1 Wordpress	1 Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in Nelio Software Nelio Popups nelio-popups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio Popups: from n/a through <= 1.3.5.
CVE-2026-25019	2 Vito Peleg, Wordpress	2 Atarim, Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through <= 4.3.1.
CVE-2026-24982	2 Brainstormforce, Wordpress	2 Spectra, Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through <= 2.19.17.
CVE-2026-24990	2 Fahad Mahmood, Wordpress	2 Wp Docs, Wordpress	2026-02-04	5.4 Medium
Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through <= 2.2.8.
CVE-2026-25010	2 Illid, Wordpress	2 Share This Image, Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share This Image: from n/a through <= 2.09.
CVE-2025-15115	1 Petlibro	2 Petlibro, Smart Pet Feeder Platform	2026-02-03	6.5 Medium
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authentication bypass vulnerability that allows unauthenticated attackers to access any user account by exploiting OAuth token validation flaws in the social login system. Attackers can send requests to /member/auth/thirdLogin with arbitrary Google IDs and phoneBrand parameters to obtain full session tokens and account access without proper OAuth verification.

« first previous Page 40 of 364. next last »