Dbd\ CVEs and Security Vulnerabilities

Search

Expected end of text, found ':' (at char 33), (line:1, col:34)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341885 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-68039	1 Wordpress	1 Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Chris Simmons WP BackItUp wp-backitup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP BackItUp: from n/a through <= 2.1.0.
CVE-2025-68038	2 Icegram, Wordpress	2 Icegram Express, Wordpress	2026-04-01	9.8 Critical
Deserialization of Untrusted Data vulnerability in Icegram Icegram Express Pro email-subscribers-premium allows Object Injection.This issue affects Icegram Express Pro: from n/a through < 5.9.14.
CVE-2025-68034	1 Wordpress	1 Wordpress	2026-04-01	9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CleverReach® CleverReach® WP cleverreach-wp allows SQL Injection.This issue affects CleverReach® WP: from n/a through <= 1.5.21.
CVE-2025-68021	2 Conveythis, Wordpress	2 Conveythis, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through <= 269.8.
CVE-2025-68020	2 Wanotifier, Wordpress	2 Wanotifier, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through <= 2.7.13.
CVE-2025-68018	3 Ilmosys, Woocommerce, Wordpress	3 Order Listener For Woocommerce, Woocommerce, Wordpress	2026-04-01	9.4 Critical
Missing Authorization vulnerability in StackWC Order Listener for WooCommerce woc-order-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Listener for WooCommerce: from n/a through <= 3.6.1.
CVE-2025-68015	2 Vollstart, Wordpress	2 Event Tickets With Ticket Scanner, Wordpress	2026-04-01	9 Critical
Improper Control of Generation of Code ('Code Injection') vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Code Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through <= 2.8.5.
CVE-2025-68005	2 Themewant, Wordpress	2 Easy Hotel Booking, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in themewant Easy Hotel Booking easy-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Hotel Booking: from n/a through <= 1.9.0.
CVE-2025-67623	1 Wordpress	1 Wordpress	2026-04-01	9.1 Critical
Server-Side Request Forgery (SSRF) vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through <= 2.20.2.
CVE-2025-67583	2 Themeatelier, Wordpress	2 Idonate, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through <= 2.1.15.
CVE-2025-67570	2 Westerndeal, Wordpress	2 Wpforms Google Sheet Connector, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in WesternDeal WPForms Google Sheet Connector gsheetconnector-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPForms Google Sheet Connector: from n/a through <= 4.0.0.
CVE-2025-67535	2 Weplugins, Wordpress	2 Wp Maps, Wordpress	2026-04-01	6.5 Medium
Deserialization of Untrusted Data vulnerability in Flipper Code - WordPress Development Company WP Maps wp-google-map-plugin allows Object Injection.This issue affects WP Maps: from n/a through <= 4.8.6.
CVE-2025-66134	2 Ninjateam, Wordpress	2 Filebird, Wordpress	2026-04-01	5.4 Medium
Missing Authorization vulnerability in NinjaTeam FileBird Pro filebird-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FileBird Pro: from n/a through <= 6.5.1.
CVE-2025-66132	1 Wordpress	1 Wordpress	2026-04-01	6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in FAPI Business s.r.o. FAPI Member fapi-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FAPI Member: from n/a through <= 2.2.29.
CVE-2025-66131	1 Wordpress	1 Wordpress	2026-04-01	9.1 Critical
Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through <= 2.2.11.
CVE-2025-66127	2 G5theme, Wordpress	2 Essential Real Estate, Wordpress	2026-04-01	5.4 Medium
Missing Authorization vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Real Estate: from n/a through <= 5.2.9.
CVE-2025-66124	2 Wordpress, Zeen101	2 Wordpress, Leaky Paywall	2026-04-01	5.3 Medium
Missing Authorization vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leaky Paywall: from n/a through <= 4.22.6.
CVE-2025-66110	2 Bplugins, Wordpress	2 Tiktok Feed Plugin, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in bPlugins Tiktok Feed b-tiktok-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tiktok Feed: from n/a through <= 1.0.23.
CVE-2025-66109	3 Octolize, Woocommerce, Wordpress	3 Cart Weight For Woocommerce, Woocommerce, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Octolize Shipping Plugins Cart Weight for WooCommerce woo-cart-weight allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cart Weight for WooCommerce: from n/a through <= 1.9.11.
CVE-2025-66067	2 Funnelkit, Wordpress	2 Funnel Builder, Wordpress	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aman Funnel Builder by FunnelKit funnel-builder allows DOM-Based XSS.This issue affects Funnel Builder by FunnelKit: from n/a through <= 3.13.1.2.

« first previous Page 402 of 17095. next last »