Export limit exceeded: 361475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22338 | 2 Themerex, Wordpress | 2 Ecoblue, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions. | ||||
| CVE-2026-25446 | 2 Wishlist Products, Wordpress | 2 Wishlist Member X, Wordpress | 2026-06-26 | 9.9 Critical |
| Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions. | ||||
| CVE-2026-39558 | 2 Elated-themes, Wordpress | 2 Malmö, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Malmö <= 2.2 versions. | ||||
| CVE-2026-40731 | 1 Mikado-themes | 2 Chapterone, Halstein | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in ChapterOne <= 1.7 versions. | ||||
| CVE-2026-40735 | 2 Edge-themes, Wordpress | 2 Reina, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Reina <= 2.1 versions. | ||||
| CVE-2026-45436 | 2 Rain-task, Wordpress | 2 Wpbakery Page Builder, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions. | ||||
| CVE-2025-31013 | 2 Themify, Wordpress | 2 Themify Folo, Wordpress | 2026-06-26 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Folo allows Reflected XSS. This issue affects Themify Folo: from n/a through 1.9.6. | ||||
| CVE-2025-59872 | 1 Hcltech | 1 Zie For Web | 2026-06-26 | 4.3 Medium |
| HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability, If the server is configured to execute code, then it may be possible to obtain command execution on the server by uploading a file known as a web shell, which allows you to execute arbitrary code or operating system commands. For this attack to be successful, the file needs to be uploaded inside the Webroot, and the server must be configured to execute the code | ||||
| CVE-2025-69106 | 2 Themerex, Wordpress | 2 Imba, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Imba <= 1.5.0 versions. | ||||
| CVE-2025-69111 | 2 Themerex, Wordpress | 2 Reisen, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Reisen <= 1.4.1 versions. | ||||
| CVE-2025-69120 | 2 Themerex, Wordpress | 2 Dazzle, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Dazzle <= 1.0.0 versions. | ||||
| CVE-2025-69123 | 2 Themerex, Wordpress | 2 Snow Club, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Snow Club <= 1.1 versions. | ||||
| CVE-2025-69126 | 2 Themerex, Wordpress | 2 Fortius, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Fortius <= 2.3.0 versions. | ||||
| CVE-2025-69127 | 2 Themerex, Wordpress | 2 Plumbing, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions. | ||||
| CVE-2025-69157 | 2 Themerex, Wordpress | 2 Gamic, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Gamic <= 1.15 versions. | ||||
| CVE-2025-69158 | 2 Themerex, Wordpress | 2 Granola, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Granola <= 1.13 versions. | ||||
| CVE-2025-69166 | 2 Themerex, Wordpress | 2 Gunslinger, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Gunslinger <= 1.7 versions. | ||||
| CVE-2025-69174 | 2 Themerex, Wordpress | 2 Etude, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Etude <= 1.6 versions. | ||||
| CVE-2026-39523 | 2 Elated-themes, Wordpress | 2 Solene Core, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Solene Core <= 2.3.2 versions. | ||||
| CVE-2026-39556 | 2 Elated-themes, Wordpress | 2 Konsept, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Konsept <= 1.9 versions. | ||||