Interact\ CVEs and Security Vulnerabilities

Export limit exceeded: 340856 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 30), (line:1, col:31)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (340856 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-25390	2 Saad Iqbal, Wordpress	2 New User Approve, Wordpress	2026-03-27	6.5 Medium
Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through <= 3.2.3.
CVE-2026-25397	2 Snowray Software, Wordpress	2 File Uploader For Woocommerce, Wordpress	2026-03-27	7.5 High
Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.This issue affects File Uploader for WooCommerce: from n/a through <= 1.0.4.
CVE-2026-25398	2 Webilia, Wordpress	2 Vertex Addons For Elementor, Wordpress	2026-03-27	6.5 Medium
Missing Authorization vulnerability in Webilia Inc. Vertex Addons for Elementor addons-for-elementor-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Vertex Addons for Elementor: from n/a through <= 1.6.4.
CVE-2026-25400	2 Thememount, Wordpress	2 Apicona, Wordpress	2026-03-27	8.8 High
Deserialization of Untrusted Data vulnerability in thememount Apicona apicona allows Object Injection.This issue affects Apicona: from n/a through <= 24.1.0.
CVE-2026-25406	2 Themeum, Wordpress	2 Tutor Lms, Wordpress	2026-03-27	8.8 High
Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeum Tutor LMS Pro tutor-pro allows Authentication Abuse.This issue affects Tutor LMS Pro: from n/a through <= 3.9.4.
CVE-2026-25414	2 Iqonicdesign, Wordpress	2 Wpbookit Pro, Wordpress	2026-03-27	8.8 High
Incorrect Privilege Assignment vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Privilege Escalation.This issue affects WPBookit Pro: from n/a through <= 1.6.18.
CVE-2026-25429	2 Wordpress, Wpdive	2 Wordpress, Nexa Blocks	2026-03-27	9.8 Critical
Deserialization of Untrusted Data vulnerability in wpdive Nexa Blocks nexa-blocks allows Object Injection.This issue affects Nexa Blocks: from n/a through <= 1.1.1.
CVE-2026-25430	2 Crm Perks, Wordpress	2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress	2026-03-27	6.5 Medium
Missing Authorization vulnerability in CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms cf7-mailchimp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through <= 1.2.2.
CVE-2026-25437	2 Wordpress, سید محمدامین هاشمی	2 Wordpress, Gzseo	2026-03-27	6.5 Medium
Missing Authorization vulnerability in سید محمدامین هاشمی GZSEO gzseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GZSEO: from n/a through <= 2.0.14.
CVE-2026-25454	2 Mvpthemes, Wordpress	2 The League, Wordpress	2026-03-27	6.5 Medium
Missing Authorization vulnerability in MVPThemes The League the-league allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The League: from n/a through <= 4.4.1.
CVE-2026-25455	2 Pickplugins, Wordpress	2 Product Slider For Woocommerce, Wordpress	2026-03-27	6.5 Medium
Missing Authorization vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Slider for WooCommerce: from n/a through <= 1.13.60.
CVE-2026-25456	2 Aarsiv Groups, Wordpress	2 Automated Fedex Live/manual Rates With Shipping Labels, Wordpress	2026-03-27	7.5 High
Missing Authorization vulnerability in Aarsiv Groups Automated FedEx live/manual rates with shipping labels a2z-fedex-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automated FedEx live/manual rates with shipping labels: from n/a through <= 5.1.8.
CVE-2026-25457	2 Select-themes, Wordpress	2 Mixtape, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Mixtape mixtape allows PHP Local File Inclusion.This issue affects Mixtape: from n/a through <= 2.1.
CVE-2026-25458	2 Select-themes, Wordpress	2 Moments, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Moments moments allows PHP Local File Inclusion.This issue affects Moments: from n/a through <= 2.2.
CVE-2026-25462	2 Avalex, Wordpress	2 Avalex, Wordpress	2026-03-27	6.5 Medium
Missing Authorization vulnerability in avalex avalex avalex allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects avalex: from n/a through <= 3.1.3.
CVE-2026-25464	2 Tielabs, Wordpress	2 Jannah, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through <= 7.6.3.
CVE-2026-25469	2 Viabill For Woocommerce, Wordpress	2 Viabill – Woocommerce, Wordpress	2026-03-27	6.5 Medium
Missing Authorization vulnerability in ViaBill for WooCommerce ViaBill – WooCommerce viabill-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ViaBill – WooCommerce: from n/a through <= 1.1.53.
CVE-2026-27039	2 Aa-team, Wordpress	2 Wzone, Wordpress	2026-03-27	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through <= 14.0.31.
CVE-2026-27040	2 Aa-team, Wordpress	2 Wzone, Wordpress	2026-03-27	8.8 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through <= 14.0.31.
CVE-2026-27045	2 Sbthemes, Wordpress	2 Woocommerce Infinite Scroll, Wordpress	2026-03-27	8.8 High
Deserialization of Untrusted Data vulnerability in sbthemes WooCommerce Infinite Scroll sb-woocommerce-infinite-scroll allows Object Injection.This issue affects WooCommerce Infinite Scroll: from n/a through <= 1.6.2.

Page 1 of 17043. next last »