Core Ftp/sftp Server CVEs and Security Vulnerabilities

Export limit exceeded: 343831 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found '/' (at char 35), (line:1, col:36)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (343831 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-39469	2 Softaculous, Wordpress	2 Pagelayer, Wordpress	2026-04-08	N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from n/a through <= 2.0.8.
CVE-2026-39475	2 Syed Balkhi, Wordpress	2 User Feedback, Wordpress	2026-04-08	N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through <= 1.10.1.
CVE-2026-39476	2 Syed Balkhi, Wordpress	2 User Feedback, Wordpress	2026-04-08	N/A
Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a through <= 1.10.1.
CVE-2026-39479	2 Brainstorm Force, Wordpress	2 Ottokit, Wordpress	2026-04-08	N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brainstorm Force OttoKit suretriggers allows Blind SQL Injection.This issue affects OttoKit: from n/a through <= 1.1.20.
CVE-2026-39482	2 Publishpress, Wordpress	2 Post Expirator, Wordpress	2026-04-08	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PublishPress Post Expirator post-expirator allows DOM-Based XSS.This issue affects Post Expirator: from n/a through <= 4.9.4.
CVE-2026-39484	2 John Darrel, Wordpress	2 Hide My Wp Ghost, Wordpress	2026-04-08	N/A
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through < 7.0.00.
CVE-2026-39485	2 Embedplus, Wordpress	2 Youtube Embed Plus, Wordpress	2026-04-08	N/A
Missing Authorization vulnerability in embedplus Youtube Embed Plus youtube-embed-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Youtube Embed Plus: from n/a through <= 14.2.4.
CVE-2026-39486	2 Wordpress, Wpchill	2 Wordpress, Download Monitor	2026-04-08	N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through <= 5.1.8.
CVE-2026-39500	2 Themesflat, Wordpress	2 Themesflat Addons For Elementor, Wordpress	2026-04-08	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesflat themesflat-addons-for-elementor themesflat-addons-for-elementor allows Stored XSS.This issue affects themesflat-addons-for-elementor: from n/a through <= 2.3.2.
CVE-2026-39504	2 Instawp, Wordpress	2 Instawp Connect, Wordpress	2026-04-08	N/A
Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through <= 0.1.2.5.
CVE-2026-39520	2 Wedevs, Wordpress	2 Wedocs, Wordpress	2026-04-08	N/A
Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weDocs: from n/a through <= 2.1.18.
CVE-2026-39569	2 Aa Web Servant, Wordpress	2 12 Step Meeting List, Wordpress	2026-04-08	N/A
Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through <= 3.19.9.
CVE-2026-39571	2 Themefic, Wordpress	2 Instantio, Wordpress	2026-04-08	N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themefic Instantio instantio allows Retrieve Embedded Sensitive Data.This issue affects Instantio: from n/a through <= 3.3.30.
CVE-2026-39575	2 Ronald Huereca, Wordpress	2 Custom Query Blocks, Wordpress	2026-04-08	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through <= 5.5.0.
CVE-2026-39585	2 Arraytics, Wordpress	2 Booktics, Wordpress	2026-04-08	N/A
Missing Authorization vulnerability in Arraytics Booktics booktics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booktics: from n/a through <= 1.0.16.
CVE-2026-39588	2 Nmerii, Wordpress	2 Nm Gift Registry And Wishlist Lite, Wordpress	2026-04-08	N/A
Missing Authorization vulnerability in nmerii NM Gift Registry and Wishlist Lite nm-gift-registry-and-wishlist-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NM Gift Registry and Wishlist Lite: from n/a through <= 5.13.
CVE-2026-39605	2 Obadiah, Wordpress	2 Super Custom Login, Wordpress	2026-04-08	N/A
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through <= 1.1.
CVE-2026-39615	2 Shahjada, Wordpress	2 Download Manager, Wordpress	2026-04-08	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahjada Download Manager download-manager allows Stored XSS.This issue affects Download Manager: from n/a through <= 3.3.53.
CVE-2026-39622	2 Acmethemes, Wordpress	2 Education Base, Wordpress	2026-04-08	N/A
Missing Authorization vulnerability in acmethemes Education Base education-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Base: from n/a through <= 3.0.8.
CVE-2026-39624	2 Kutethemes, Wordpress	2 Biolife, Wordpress	2026-04-08	N/A
Missing Authorization vulnerability in kutethemes Biolife biolife allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Biolife: from n/a through <= 3.2.3.

« first previous Page 65 of 17192. next last »