Http\ CVEs and Security Vulnerabilities

Export limit exceeded: 346619 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 23), (line:1, col:24)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346619 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-62061	2 Implecode, Wordpress	2 Product Catalog Simple, Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in impleCode Product Catalog Simple post-type-x.This issue affects Product Catalog Simple: from n/a through <= 1.8.4.
CVE-2025-62055	2 Elated-themes, Wordpress	2 Academist, Wordpress	2026-04-23	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Academist academist.This issue affects Academist: from n/a through < 1.3.
CVE-2025-62052	2 Horea Radu, Wordpress	2 One Page Express Companion, Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in Horea Radu One Page Express Companion one-page-express-companion.This issue affects One Page Express Companion: from n/a through <= 1.6.43.
CVE-2025-62048	2 Wordpress, Wpmudev	2 Wordpress, Smartcrawl	2026-04-23	5.4 Medium
Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform SmartCrawl smartcrawl-seo.This issue affects SmartCrawl: from n/a through <= 3.14.3.
CVE-2025-62023	2 S2member, Wordpress	2 S2member, Wordpress	2026-04-23	9 Critical
Improper Control of Generation of Code ('Code Injection') vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through <= 250905.
CVE-2025-62022	2 Buddypress, Wordpress	2 Buddypress, Wordpress	2026-04-23	7.5 High
Missing Authorization vulnerability in BuddyPress BuddyPress buddypress.This issue affects BuddyPress: from n/a through <= 14.3.4.
CVE-2025-62021	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in Made Neat Acknowledgify acknowledgify.This issue affects Acknowledgify: from n/a through <= 1.1.3.
CVE-2025-62015	3 Josh Kohlbach, Woocommerce, Wordpress	4 Advanced Coupons For Woocommerce Coupons, Woocommerce, Woocommerce Smart Coupons and 1 more	2026-04-23	7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons advanced-coupons-for-woocommerce-free.This issue affects Advanced Coupons for WooCommerce Coupons: from n/a through <= 4.6.8.
CVE-2025-62013	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in POSIMYTH UiChemy uichemy.This issue affects UiChemy: from n/a through <= 4.0.0.
CVE-2025-62009	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Cross Site Request Forgery.This issue affects UPC/EAN/GTIN Code Generator: from n/a through <= 2.0.2.
CVE-2025-62006	2 Veronalabs, Wordpress	2 Wp Sms, Wordpress	2026-04-23	5.4 Medium
Missing Authorization vulnerability in VeronaLabs WP SMS wp-sms.This issue affects WP SMS: from n/a through <= 7.0.1.
CVE-2025-62005	3 Fantasticplugins, Woocommerce, Wordpress	3 Sumomemberships, Woocommerce, Wordpress	2026-04-23	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Cross Site Request Forgery.This issue affects SUMO Memberships for WooCommerce: from n/a through < 7.8.0.
CVE-2025-60238	1 Wordpress	1 Wordpress	2026-04-23	9.8 Critical
Deserialization of Untrusted Data vulnerability in universam UNIVERSAM universam-demo allows Object Injection.This issue affects UNIVERSAM: from n/a through <= 9.04.02.
CVE-2025-60237	2 Themeton, Wordpress	2 Finag, Wordpress	2026-04-23	9.8 Critical
Deserialization of Untrusted Data vulnerability in Themeton Finag finag allows Object Injection.This issue affects Finag: from n/a through <= 1.5.0.
CVE-2025-60233	2 Themeton, Wordpress	2 Zuut, Wordpress	2026-04-23	9.8 Critical
Deserialization of Untrusted Data vulnerability in Themeton Zuut zuut allows Object Injection.This issue affects Zuut: from n/a through <= 1.4.2.
CVE-2025-60227	2 Thimpress, Wordpress	2 Wp Pipes, Wordpress	2026-04-23	8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThimPress WP Pipes wp-pipes allows Path Traversal.This issue affects WP Pipes: from n/a through <= 1.4.3.
CVE-2025-60219	3 Harutheme, Woocommerce, Wordpress	3 Woocommerce Designer Pro, Woocommerce, Wordpress	2026-04-23	10 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro wc-designer-pro allows Upload a Web Shell to a Web Server.This issue affects WooCommerce Designer Pro: from n/a through <= 1.9.24.
CVE-2025-60217	1 Wordpress	1 Wordpress	2026-04-23	7.7 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ypromo PT Luxa Addons pt-luxa-addons allows Path Traversal.This issue affects PT Luxa Addons: from n/a through <= 1.2.2.
CVE-2025-60192	2 Premmerce, Wordpress	2 Wholesale Pricing For Woocommerce, Wordpress	2026-04-23	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows PHP Local File Inclusion.This issue affects Premmerce Wholesale Pricing for WooCommerce: from n/a through <= 1.1.10.
CVE-2025-60191	3 Premmerce, Woocommerce, Wordpress	3 Wishlist For Woocommerce, Woocommerce, Wordpress	2026-04-23	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wishlist for WooCommerce premmerce-woocommerce-wishlist allows PHP Local File Inclusion.This issue affects Premmerce Wishlist for WooCommerce: from n/a through <= 1.1.10.

« first previous Page 173 of 17331. next last »