Export limit exceeded: 85001 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (85001 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-40768 2 Dimitri Grassi, Wordpress 2 Salon Booking System, Wordpress 2026-06-20 7.3 High
Unauthenticated Insecure Direct Object References (IDOR) in Salon booking system <= 10.30.24 versions.
CVE-2026-41557 2 Presslayouts, Wordpress 2 Kapee, Wordpress 2026-06-20 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions.
CVE-2026-49074 2 Jetimpex Inc., Wordpress 2 Jetengine, Wordpress 2026-06-20 7.1 High
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.9.1 versions.
CVE-2026-49081 2 Themegrill, Wordpress 2 User Registration Stripe, Wordpress 2026-06-20 8.2 High
Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.12 versions.
CVE-2026-52696 2 Jetimpex Inc., Wordpress 2 Jetblog, Wordpress 2026-06-20 7.5 High
Unauthenticated Sensitive Data Exposure in JetBlog <= 2.4.8 versions.
CVE-2026-52698 2 Syed Balkhi, Wordpress 2 Pushengage – Web Push Notifications, Ecommerce Automation & Chat Widget, Wordpress 2026-06-20 7.4 High
Subscriber Sensitive Data Exposure in PushEngage – Web Push Notifications, eCommerce Automation &amp; Chat Widget <= 4.2.3 versions.
CVE-2026-54184 2 Alberto Hornero, Wordpress 2 Clean Login, Wordpress 2026-06-20 8.2 High
Unauthenticated Insecure Direct Object References (IDOR) in Clean Login <= 1.15 versions.
CVE-2026-54185 2 Themeco, Wordpress 2 Cornerstone, Wordpress 2026-06-20 8.5 High
Subscriber SQL Injection in Cornerstone < 7.8.8 versions.
CVE-2026-54188 2 Jetimpex Inc., Wordpress 2 Jetengine, Wordpress 2026-06-20 7.1 High
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions.
CVE-2026-54189 2 Jetimpex Inc., Wordpress 2 Jetengine, Wordpress 2026-06-20 7.1 High
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions.
CVE-2026-54804 2 Melhorenvio, Wordpress 2 Melhor Envio, Wordpress 2026-06-20 7.6 High
Subscriber Broken Authentication in Melhor Envio <= 2.16.3 versions.
CVE-2026-54805 2 Sbouey, Wordpress 2 Falang Multilanguage, Wordpress 2026-06-20 8.8 High
Subscriber Privilege Escalation in Falang multilanguage <= 1.4.2 versions.
CVE-2025-68524 2 Themegoods, Wordpress 2 Avante, Wordpress 2026-06-20 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5 versions.
CVE-2025-69115 2 Themerex, Wordpress 2 Luxmed | Medicine & Healthcare Doctor Wordpress Theme, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions.
CVE-2025-69130 2 Themovation, Wordpress 2 Entrepreneur - Booking For Small Businesses Wordpress Theme, Wordpress 2026-06-20 8.8 High
Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions.
CVE-2025-69144 2 Themerex, Wordpress 2 Preservation, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Preservation <= 1.10 versions.
CVE-2025-69164 2 Themerex, Wordpress 2 Skyward, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Skyward <= 1.10 versions.
CVE-2025-69170 2 Themerex, Wordpress 2 Eventicity, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Eventicity <= 1.5 versions.
CVE-2025-69175 2 Themerex, Wordpress 2 Line Agency, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Line Agency <= 1.3.1 versions.
CVE-2026-39445 2 Presslayouts, Wordpress 2 Alukas, Wordpress 2026-06-20 8.1 High
Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions.