Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10314 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-68834 2 Saiful Islam, Wordpress 2 Sync Master Sheet – Product Sync With Google Sheet For Woocommerce, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in Saiful Islam Sync Master Sheet &#8211; Product Sync with Google Sheet for WooCommerce product-sync-master-sheet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sync Master Sheet &#8211; Product Sync with Google Sheet for WooCommerce: from n/a through <= 1.1.3.
CVE-2025-68895 2 Ahachat, Wordpress 2 Ahachat Messenger Marketing, Wordpress 2026-02-23 N/A
Authentication Bypass Using an Alternate Path or Channel vulnerability in ahachat AhaChat Messenger Marketing ahachat-messenger-marketing allows Password Recovery Exploitation.This issue affects AhaChat Messenger Marketing: from n/a through <= 1.1.
CVE-2025-69376 2 Vanquish, Wordpress 2 User Extra Fields, Wordpress 2026-02-23 N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Path Traversal.This issue affects User Extra Fields: from n/a through <= 17.0.
CVE-2025-69378 2 Wordpress, Xforwoocommerce 2 Wordpress, Product Filter For Woocommerce 2026-02-23 N/A
Incorrect Privilege Assignment vulnerability in XforWooCommerce Product Filter for WooCommerce prdctfltr allows Privilege Escalation.This issue affects Product Filter for WooCommerce: from n/a through <= 9.1.2.
CVE-2025-69394 2 Cnvrse, Wordpress 2 Cnvrse, Wordpress 2026-02-23 N/A
Authorization Bypass Through User-Controlled Key vulnerability in cnvrse Cnvrse cnvrse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cnvrse: from n/a through <= 026.02.10.20.
CVE-2026-22362 2 Axiomthemes, Wordpress 2 Photolia, Wordpress 2026-02-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Photolia photolia allows PHP Local File Inclusion.This issue affects Photolia: from n/a through <= 1.0.3.
CVE-2026-22364 2 Axiomthemes, Wordpress 2 Seventrees, Wordpress 2026-02-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes SevenTrees seventrees allows PHP Local File Inclusion.This issue affects SevenTrees: from n/a through <=1.0.2.
CVE-2026-22366 2 Axiomthemes, Wordpress 2 Jude, Wordpress 2026-02-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Jude jude allows PHP Local File Inclusion.This issue affects Jude: from n/a through <= 1.3.0.
CVE-2026-22368 2 Axiomthemes, Wordpress 2 Redy, Wordpress 2026-02-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Redy redy allows PHP Local File Inclusion.This issue affects Redy: from n/a through <= 1.0.2.
CVE-2026-22370 2 Axiomthemes, Wordpress 2 Marveland, Wordpress 2026-02-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Marveland marveland allows PHP Local File Inclusion.This issue affects Marveland: from n/a through <= 1.3.0.
CVE-2026-22372 2 Ancorathemes, Wordpress 2 Isida, Wordpress 2026-02-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Isida isida allows PHP Local File Inclusion.This issue affects Isida: from n/a through <= 1.4.2.
CVE-2026-22374 2 Ancorathemes, Wordpress 2 Zio Alberto, Wordpress 2026-02-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Zio Alberto zioalberto allows PHP Local File Inclusion.This issue affects Zio Alberto: from n/a through <= 1.2.2.
CVE-2026-22376 2 Ancorathemes, Wordpress 2 Parkivia, Wordpress 2026-02-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Parkivia parkivia allows PHP Local File Inclusion.This issue affects Parkivia: from n/a through <= 1.1.9.
CVE-2026-22378 2 Ancorathemes, Wordpress 2 Blabber, Wordpress 2026-02-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Blabber blabber allows PHP Local File Inclusion.This issue affects Blabber: from n/a through <= 1.7.0.
CVE-2026-22380 2 Ancorathemes, Wordpress 2 Unlimhost, Wordpress 2026-02-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes UnlimHost unlimhost allows PHP Local File Inclusion.This issue affects UnlimHost: from n/a through <= 1.2.3.
CVE-2026-24941 2 Wordpress, Wpjobportal 2 Wordpress, Wp Job Portal 2026-02-23 7.5 High
Missing Authorization vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through <= 2.4.4.
CVE-2026-24944 2 Wedevs, Wordpress 2 Subscribe2, Wordpress 2026-02-23 6.5 Medium
Missing Authorization vulnerability in weDevs Subscribe2 subscribe2 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscribe2: from n/a through <= 10.44.
CVE-2026-24948 2 Fox-themes, Wordpress 2 Reflector, Wordpress 2026-02-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Reflector reflector-plugins allows Reflected XSS.This issue affects Reflector: from n/a through <= 1.2.2.
CVE-2026-24950 2 Themeplugs, Wordpress 2 Authorsy, Wordpress 2026-02-23 7.5 High
Authorization Bypass Through User-Controlled Key vulnerability in themeplugs Authorsy authorsy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Authorsy: from n/a through <= 1.0.6.
CVE-2026-24955 2 Fox-themes, Wordpress 2 Whizz Plugins, Wordpress 2026-02-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Whizz Plugins whizz-plugins allows Reflected XSS.This issue affects Whizz Plugins: from n/a through <= 1.9.