Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (24 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-24949 2 Themegoods, Wordpress 2 Photome, Wordpress 2026-02-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods PhotoMe photome allows DOM-Based XSS.This issue affects PhotoMe: from n/a through <= 5.7.1.
CVE-2026-24943 2 Themegoods, Wordpress 2 Grand Conference, Wordpress 2026-02-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Conference grandconference allows Reflected XSS.This issue affects Grand Conference: from n/a through <= 5.3.4.
CVE-2025-69301 2 Themegoods, Wordpress 2 Photome, Wordpress 2026-02-23 N/A
Deserialization of Untrusted Data vulnerability in ThemeGoods PhotoMe photome allows Object Injection.This issue affects PhotoMe: from n/a through <= 5.6.11.
CVE-2025-69370 2 Themegoods, Wordpress 2 Capella, Wordpress 2026-02-23 N/A
Deserialization of Untrusted Data vulnerability in ThemeGoods Capella capella allows Object Injection.This issue affects Capella: from n/a through <= 2.5.5.
CVE-2026-23542 2 Themegoods, Wordpress 2 Grand Restaurant, Wordpress 2026-02-20 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through <= 7.0.10.
CVE-2026-24961 2 Themegoods, Wordpress 2 Grand Blog, Wordpress 2026-02-04 5.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods Grand Blog grandblog allows Server Side Request Forgery.This issue affects Grand Blog: from n/a through < 3.1.5.
CVE-2025-64224 2 Themegoods, Wordpress 2 Grand Conference, Wordpress 2026-01-29 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Conference Theme Custom Post Type grandconference-custom-post allows Reflected XSS.This issue affects Grand Conference Theme Custom Post Type: from n/a through < 2.6.4.
CVE-2025-67952 2 Themegoods, Wordpress 2 Grand Tour, Wordpress 2026-01-29 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through < 5.6.2.
CVE-2025-39485 1 Themegoods 1 Grand Tour 2026-01-28 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour | Travel Agency WordPress allows Object Injection. This issue affects Grand Tour | Travel Agency WordPress: from n/a through 5.5.1.
CVE-2025-39354 2 Themegoods, Wordpress 2 Grand Conference, Wordpress 2026-01-28 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Conference allows Object Injection.This issue affects Grand Conference: from n/a through 5.2.
CVE-2025-69321 2 Themegoods, Wordpress 2 Grand Spa, Wordpress 2026-01-27 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Spa grandspa allows Reflected XSS.This issue affects Grand Spa: from n/a through <= 3.5.5.
CVE-2025-60116 2 Themegoods, Wordpress 2 Grand Conference, Wordpress 2026-01-27 5.4 Medium
Missing Authorization vulnerability in ThemeGoods Grand Conference Theme Custom Post Type allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Grand Conference Theme Custom Post Type: from n/a through 2.6.3.
CVE-2025-63026 3 Elementor, Themegoods, Wordpress 3 Elementor, Grand Restaurant, Wordpress 2026-01-26 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Restaurant Theme Elements for Elementor grandrestaurant-elementor allows Stored XSS.This issue affects Grand Restaurant Theme Elements for Elementor: from n/a through <= 2.1.1.
CVE-2025-64217 2 Themegoods, Wordpress 2 Photography, Wordpress 2026-01-22 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Photography photography allows Reflected XSS.This issue affects Photography: from n/a through <= 7.7.2.
CVE-2025-47584 1 Themegoods 1 Photography 2026-01-22 8.5 High
Deserialization of Untrusted Data vulnerability in ThemeGoods Photography.This issue affects Photography: from n/a through 7.5.2.
CVE-2025-47579 2 Themegoods, Wordpress 2 Photography, Wordpress 2026-01-22 9 Critical
Deserialization of Untrusted Data vulnerability in ThemeGoods Photography. This issue affects Photography: from n/a through 7.5.2.
CVE-2025-39353 1 Themegoods 1 Grand Restaurant 2026-01-22 5.3 Medium
Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant WordPress: from n/a through 7.0.
CVE-2025-39352 1 Themegoods 1 Grand Restaurant 2026-01-22 8.2 High
Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant WordPress: from n/a through 7.0.
CVE-2025-67922 2 Themegoods, Wordpress 2 Grand Restaurant, Wordpress 2026-01-22 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Reflected XSS.This issue affects Grand Restaurant: from n/a through < 7.0.9.
CVE-2025-39351 1 Themegoods 1 Grand Restaurant 2026-01-22 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Restaurant WordPress allows Cross Site Request Forgery.This issue affects Grand Restaurant WordPress: from n/a through 7.0.