Asset Cleanup\ CVEs and Security Vulnerabilities

Export limit exceeded: 336596 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 6), (line:1, col:7)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (336596 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-28009	2 Themerex, Wordpress	2 Dronex, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX DroneX dronex allows PHP Local File Inclusion.This issue affects DroneX: from n/a through <= 1.1.12.
CVE-2026-28006	2 Themerex, Wordpress	2 Yungen, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Yungen yungen allows PHP Local File Inclusion.This issue affects Yungen: from n/a through <= 1.0.12.
CVE-2026-27997	2 Themerex, Wordpress	2 Maxify, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Maxify maxify allows PHP Local File Inclusion.This issue affects Maxify: from n/a through <= 1.0.16.
CVE-2026-27995	2 Themerex, Wordpress	2 Justitia, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Justitia justitia allows PHP Local File Inclusion.This issue affects Justitia: from n/a through <= 1.1.0.
CVE-2026-27993	2 Themerex, Wordpress	2 Aldo, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Aldo aldo allows PHP Local File Inclusion.This issue affects Aldo: from n/a through <= 1.0.10.
CVE-2026-27991	2 Themerex, Wordpress	2 Avventure, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.This issue affects Avventure: from n/a through <= 1.1.12.
CVE-2026-27989	2 Themerex, Wordpress	2 Quanzo, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Quanzo quanzo allows PHP Local File Inclusion.This issue affects Quanzo: from n/a through <= 1.0.10.
CVE-2026-27987	2 Themerex, Wordpress	2 The Qlean, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX The Qlean the-qlean allows PHP Local File Inclusion.This issue affects The Qlean: from n/a through <= 2.12.
CVE-2026-27985	2 Themerex, Wordpress	2 Humanum, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Humanum humanum allows PHP Local File Inclusion.This issue affects Humanum: from n/a through <= 1.1.4.
CVE-2026-27983	2 Designthemes, Wordpress	2 Lms Elementor Pro, Wordpress	2026-03-06	9.8 Critical
Incorrect Privilege Assignment vulnerability in designthemes LMS Elementor Pro lms-elementor-pro allows Privilege Escalation.This issue affects LMS Elementor Pro: from n/a through <= 1.0.4.
CVE-2026-27439	2 Themerex, Wordpress	2 Dentario, Wordpress	2026-03-06	9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Dentario dentario allows Object Injection.This issue affects Dentario: from n/a through <= 1.5.
CVE-2026-27437	2 Themerex, Wordpress	2 Tennis Club, Wordpress	2026-03-06	9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Tennis Club tennis-sportclub allows Object Injection.This issue affects Tennis Club: from n/a through <= 1.2.3.
CVE-2026-27417	2 Seventhqueen, Wordpress	2 Sweet Date, Wordpress	2026-03-06	9.8 Critical
Deserialization of Untrusted Data vulnerability in SeventhQueen Sweet Date sweetdate allows Object Injection.This issue affects Sweet Date: from n/a through < 4.0.1.
CVE-2026-27385	2 Designthemes, Wordpress	2 Designthemes Portfolio, Wordpress	2026-03-06	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes DesignThemes Portfolio designthemes-portfolio allows Reflected XSS.This issue affects DesignThemes Portfolio: from n/a through <= 1.3.
CVE-2026-27381	2 Thembay, Wordpress	2 Aora, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through <= 1.3.15.
CVE-2026-27376	2 Janstudio, Wordpress	2 Claue - Clean, Minimal Elementor Woocommerce Theme, Wordpress	2026-03-06	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JanStudio Claue - Clean, Minimal Elementor WooCommerce Theme claue allows Reflected XSS.This issue affects Claue - Clean, Minimal Elementor WooCommerce Theme: from n/a through <= 2.2.7.
CVE-2026-27374	2 Vanquish, Wordpress	2 Woocommerce Order Details, Wordpress	2026-03-06	7.5 High
Missing Authorization vulnerability in vanquish WooCommerce Order Details woocommerce-order-details allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Order Details: from n/a through <= 3.1.
CVE-2026-27370	2 Premio, Wordpress	2 Chaty, Wordpress	2026-03-06	7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Premio Chaty chaty allows Retrieve Embedded Sensitive Data.This issue affects Chaty: from n/a through <= 3.5.1.
CVE-2026-27367	2 Themegoods, Wordpress	2 Musico, Wordpress	2026-03-06	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Musico musico allows Reflected XSS.This issue affects Musico: from n/a through <= 3.2.4.
CVE-2026-27362	2 Kamleshyadav, Wordpress	2 Wp Bakery Autoresponder Addon, Wordpress	2026-03-06	6.5 Medium
Missing Authorization vulnerability in kamleshyadav WP Bakery Autoresponder Addon vc-autoresponder-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bakery Autoresponder Addon: from n/a through <= 1.0.6.

« first previous Page 12 of 16830. next last »