CWE-862 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6938 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-66083	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 5.0.4.
CVE-2025-66082	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 5.0.4.
CVE-2025-66080	2 Wordpress, Wp Legal Pages	2 Wordpress, Wp Cookie Notice	2026-01-20	5.3 Medium
Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through 4.0.3.
CVE-2025-66077	2 Wordpress, Wpwax	2 Wordpress, Legal Pages	2026-01-20	4.3 Medium
Missing Authorization vulnerability in wpWax Legal Pages legal-pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Legal Pages: from n/a through <= 1.4.6.
CVE-2025-66075	2 Wordpress, Wp Legal Pages	2 Wordpress, Wp Cookie Notice	2026-01-20	4.2 Medium
Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through <= 4.0.3.
CVE-2025-66072	1 Wordpress	1 Wordpress	2026-01-20	9.8 Critical
Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through <= 1.2.47.
CVE-2025-66070	1 Wordpress	1 Wordpress	2026-01-20	7.5 High
Missing Authorization vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum: from n/a through <= 2.4.10.
CVE-2025-66069	3 Themeisle, Woocommerce, Wordpress	3 Ppom For Woocommerce, Woocommerce, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PPOM for WooCommerce: from n/a through <= 33.0.16.
CVE-2025-66068	2 Instawp, Wordpress	2 Instawp Connect, Wordpress	2026-01-20	6.5 Medium
Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through <= 0.1.1.9.
CVE-2025-66065	2 Jegstudio, Wordpress	2 Gutenverse, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in Jegstudio Gutenverse gutenverse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse: from n/a through <= 3.2.1.
CVE-2025-66063	2 Jgwhite33, Wordpress	2 Wp Google Review Slider, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in jgwhite33 WP Google Review Slider wp-google-places-review-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Google Review Slider: from n/a through <= 17.4.
CVE-2025-66060	3 Castos, Craig Hewitt, Wordpress	3 Seriously Simple Podcasting, Seriously Simple Podcasting, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Seriously Simple Podcasting: from n/a through <= 3.13.0.
CVE-2025-66058	2 Pickplugins, Wordpress	2 Post Grid, Wordpress	2026-01-20	6.5 Medium
Missing Authorization vulnerability in PickPlugins Post Grid and Gutenberg Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid and Gutenberg Blocks: from n/a through 2.3.17.
CVE-2025-66054	2 Thimpress, Wordpress	2 Learnpress, Wordpress	2026-01-20	7.5 High
Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through <= 4.2.9.4.
CVE-2025-64639	3 Mainwp, Wordpress, Wp Compress	3 Mainwp, Wordpress, For Mainwp	2026-01-20	5.3 Medium
Missing Authorization vulnerability in WP Compress WP Compress for MainWP wp-compress-mainwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress for MainWP: from n/a through <= 6.50.07.
CVE-2025-64638	3 Onpay.io, Woocommerce, Wordpress	3 For Woocommerce, Woocommerce, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in OnPay.io OnPay.io for WooCommerce onpay-io-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnPay.io for WooCommerce: from n/a through <= 1.0.47.
CVE-2025-64634	2 Theme-fusion, Wordpress	2 Avada, Wordpress	2026-01-20	8.8 High
Missing Authorization vulnerability in ThemeFusion Avada avada allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Avada: from n/a through <= 7.13.1.
CVE-2025-64632	2 Auctollo, Wordpress	2 Google-sitemap-generator, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in Auctollo Google XML Sitemaps google-sitemap-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google XML Sitemaps: from n/a through <= 4.1.21.
CVE-2025-64630	2 Strategy11, Wordpress	2 Business Directory Plugin, Wordpress	2026-01-20	4.7 Medium
Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through <= 6.4.19.
CVE-2025-64384	1 Wordpress	1 Wordpress	2026-01-20	6.3 Medium
Missing Authorization vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetFormBuilder: from n/a through <= 3.5.3.

« first previous Page 44 of 347. next last »