CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 335260 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9492 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-67589	2 Wordpress, Wpovernight	2 Wordpress, Woocommerce Pdf Invoices\& Packing Slips	2026-01-20	4.3 Medium
Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips woocommerce-pdf-invoices-packing-slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through <= 4.9.1.
CVE-2025-67588	2 Elementor, Wordpress	2 Website Builder, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through <= 3.33.0.
CVE-2025-67586	2 Ronald Huereca, Wordpress	2 Highlight And Share, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in Ronald Huereca Highlight and Share highlight-and-share allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Highlight and Share: from n/a through <= 5.2.0.
CVE-2025-67584	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in rtCamp GoDAM godam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDAM: from n/a through <= 1.4.6.
CVE-2025-67583	2 Themeatelier, Wordpress	2 Idonate, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in ThemeAtelier IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through <= 2.1.15.
CVE-2025-67582	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in wbcomdesigns Wbcom Designs lock-my-bp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wbcom Designs: from n/a through <= 2.1.1.
CVE-2025-67581	2 Themetechmount, Wordpress	2 Truebooker, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.0.
CVE-2025-67573	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in ThimPress Sailing sailing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sailing: from n/a through < 4.4.6.
CVE-2025-67572	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through < 6.7.4.
CVE-2025-67571	2 Getwpfunnels, Wordpress	2 Wpfunnels, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in WPFunnels WPFunnels wpfunnels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPFunnels: from n/a through <= 3.6.2.
CVE-2025-67570	2 Westerndeal, Wordpress	2 Wpforms Google Sheet Connector, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in GSheetConnector by WesternDeal WPForms Google Sheet Connector gsheetconnector-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPForms Google Sheet Connector: from n/a through <= 4.0.0.
CVE-2025-67569	2 Scriptsbundle, Wordpress	2 Adforest, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in scriptsbundle AdForest adforest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AdForest: from n/a through <= 6.0.11.
CVE-2025-67568	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in xtemos Basel basel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Basel: from n/a through <= 5.9.1.
CVE-2025-67566	2 Wofficeio, Wordpress	2 Woffice Core, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in WofficeIO Woffice Core woffice-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woffice Core: from n/a through <= 5.4.30.
CVE-2025-67563	2 Saadiqbal, Wordpress	2 Post Smtp, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through <= 3.6.1.
CVE-2025-67562	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in WebCodingPlace Image Caption Hover Pro image-caption-hover-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Caption Hover Pro: from n/a through < 20.0.
CVE-2025-67561	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in Oleksandr Lysyi Debug Log Viewer debug-log-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Debug Log Viewer: from n/a through <= 2.0.3.
CVE-2025-67560	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Missing Authorization vulnerability in Webilia Inc. Listdom listdom allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listdom: from n/a through <= 5.0.1.
CVE-2025-67559	2 Vcita, Wordpress	3 Online Booking & Scheduling Calendar For Wordpress By Vcita, Online Booking \& Scheduling Calendar, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through <= 4.5.5.
CVE-2025-67548	2 Wordpress, Wpdelicious	2 Wordpress, Wp Delicious	2026-01-20	6.5 Medium
Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delicious: from n/a through <= 1.9.1.

« first previous Page 49 of 475. next last »