Export limit exceeded: 345229 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345229 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-29053 | 1 Ghost | 1 Ghost | 2026-04-17 | 7.7 High |
| Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, specifically crafted malicious themes can execute arbitrary code on the server running Ghost. This issue has been patched in version 6.19.1. | ||||
| CVE-2026-22385 | 2 Don-themes, Wordpress | 2 Wolmart, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in don-themes Wolmart wolmart allows PHP Local File Inclusion.This issue affects Wolmart: from n/a through <= 1.9.6. | ||||
| CVE-2026-22418 | 2 Ancorathemes, Wordpress | 2 Great Lotus, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Great Lotus great-lotus allows PHP Local File Inclusion.This issue affects Great Lotus: from n/a through <= 1.3.1. | ||||
| CVE-2026-22438 | 2 Foreverpinetree, Wordpress | 2 Thebi, Wordpress | 2026-04-17 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree TheBi thebi allows Reflected XSS.This issue affects TheBi: from n/a through <= 1.0.5. | ||||
| CVE-2026-22440 | 2 Foreverpinetree, Wordpress | 2 Thecs, Wordpress | 2026-04-17 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree Thecs thecs allows Reflected XSS.This issue affects Thecs: from n/a through <= 1.4.7. | ||||
| CVE-2026-22441 | 2 Elated-themes, Wordpress | 2 Zentrum, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Zentrum zentrum allows PHP Local File Inclusion.This issue affects Zentrum: from n/a through <= 1.0. | ||||
| CVE-2026-22452 | 2 Themerex, Wordpress | 2 Hoverex, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Hoverex hoverex allows PHP Local File Inclusion.This issue affects Hoverex: from n/a through <= 1.5.10. | ||||
| CVE-2026-22478 | 2 Elated Themes, Wordpress | 2 Findall, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes FindAll findall allows PHP Local File Inclusion.This issue affects FindAll: from n/a through <= 1.4. | ||||
| CVE-2026-23546 | 2 Radiustheme, Wordpress | 2 Classified Listing, Wordpress | 2026-04-17 | 6.5 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in RadiusTheme Classified Listing classified-listing allows Retrieve Embedded Sensitive Data.This issue affects Classified Listing: from n/a through <= 5.3.4. | ||||
| CVE-2026-23802 | 2 Jordy Meow, Wordpress | 2 Ai-engine, Wordpress | 2026-04-17 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files.This issue affects AI Engine: from n/a through <= 3.3.2. | ||||
| CVE-2026-27332 | 2 Skygroup, Wordpress | 2 Agrofood, Wordpress | 2026-04-17 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Agrofood agrofood allows Reflected XSS.This issue affects Agrofood: from n/a through < 1.4.0. | ||||
| CVE-2026-27336 | 2 Ancorathemes, Wordpress | 2 Consultor | Consulting, Accounting & Legal Counsel Wordpress Theme, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Consultor | Consulting, Accounting & Legal Counsel WordPress Theme consultor allows PHP Local File Inclusion.This issue affects Consultor | Consulting, Accounting & Legal Counsel WordPress Theme: from n/a through <= 1.2.4. | ||||
| CVE-2026-27986 | 2 Themerex, Wordpress | 2 Ostende, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX OsTende ostende allows PHP Local File Inclusion.This issue affects OsTende: from n/a through <= 1.4.3. | ||||
| CVE-2026-27996 | 2 Themerex, Wordpress | 2 Lingvico, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Lingvico lingvico allows PHP Local File Inclusion.This issue affects Lingvico: from n/a through <= 1.0.14. | ||||
| CVE-2026-28050 | 2 Themerex, Wordpress | 2 Beacon, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Beacon beacon allows PHP Local File Inclusion.This issue affects Beacon: from n/a through <= 2.24. | ||||
| CVE-2026-28052 | 2 Themerex, Wordpress | 2 Peter Mason, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Peter Mason petermason allows PHP Local File Inclusion.This issue affects Peter Mason: from n/a through <= 1.4.5. | ||||
| CVE-2026-28086 | 2 Themerex, Wordpress | 2 Run Gran, Wordpress | 2026-04-17 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Run Gran run-gran allows PHP Local File Inclusion.This issue affects Run Gran: from n/a through <= 2.0. | ||||
| CVE-2026-28544 | 1 Huawei | 1 Harmonyos | 2026-04-17 | 6.2 Medium |
| Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-28542 | 1 Huawei | 2 Emui, Harmonyos | 2026-04-17 | 7.3 High |
| Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-21628 | 2 Astroidframe.work, Templaza | 2 Astroid Template Framework, Astroid Framework | 2026-04-17 | 9.8 Critical |
| A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution. | ||||