Concierge\ CVEs and Security Vulnerabilities

Export limit exceeded: 347213 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 22), (line:1, col:23)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347213 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-7290	1 Jeecg	1 Jeecgboot	2026-04-29	6.3 Medium
A vulnerability was determined in JeecgBoot up to 3.9.1. Impacted is the function SqlInjectionUtil of the file jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java of the component loadDict Endpoint. This manipulation of the argument keyword causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Patch name: a9c8e8eb1185751c4c3c68d2a53f3dadee9edc6b. To fix this issue, it is recommended to deploy a patch.
CVE-2025-22285			2026-04-29	N/A
Missing Authorization vulnerability in enituretechnology Pallet Packaging for WooCommerce pallet-packaging-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pallet Packaging for WooCommerce: from n/a through <= 1.1.15.
CVE-2025-68029	2 Wordpress, Wpswings	2 Wordpress, Wallet System For Woocommerce	2026-04-29	N/A
Insertion of Sensitive Information Into Sent Data vulnerability in WP Swings Wallet System for WooCommerce wallet-system-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Wallet System for WooCommerce: from n/a through <= 2.7.3.
CVE-2025-63030	1 Wordpress	1 Wordpress	2026-04-29	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal New User Approve new-user-approve allows Cross Site Request Forgery.This issue affects New User Approve: from n/a through <= 3.2.3.
CVE-2025-22287			2026-04-29	5.4 Medium
Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – FreightQuote Edition ltl-freight-quotes-freightquote-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – FreightQuote Edition: from n/a through <= 2.3.11.
CVE-2026-40778	2 Majesticsupport, Wordpress	2 Majestic Support, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Majestic Support: from n/a through <= 1.1.2.
CVE-2026-40784	2 Mahmudul Hasan Arif, Wordpress	2 Fluentboards, Wordpress	2026-04-29	8.1 High
Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentBoards: from n/a through <= 1.91.2.
CVE-2026-40786	2 Long Watch Studio, Wordpress	2 Myrewards, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyRewards: from n/a through <= 5.7.3.
CVE-2026-40742	2 Neliosoftware, Wordpress	2 Nelio Ab Testing, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio AB Testing: from n/a through <= 8.2.8.
CVE-2026-40764	2 Syed Balkhi, Wordpress	2 Contact Form By Wpforms, Wordpress	2026-04-29	8.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through <= 1.10.0.2.
CVE-2026-40728	2 Blockart, Wordpress	2 Magazine Blocks, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a through <= 1.8.3.
CVE-2026-40729	2 Bplugins, Wordpress	2 3d Viewer – Embed 3d Models, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D viewer – Embed 3D Models: from n/a through <= 1.8.5.
CVE-2026-39701	2 Andrew, Wordpress	2 Shopwp, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Andrew ShopWP wpshopify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShopWP: from n/a through <= 5.2.4.
CVE-2026-39704	2 Nfusionsolutions, Wordpress	2 Precious Metals Automated Product Pricing – Pro, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in nfusionsolutions Precious Metals Automated Product Pricing – Pro precious-metals-automated-product-pricing-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Precious Metals Automated Product Pricing – Pro: from n/a through <= 4.0.5.
CVE-2026-39706	2 Netro Systems, Wordpress	2 Make My Trivia, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Netro Systems Make My Trivia trivialy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Make My Trivia: from n/a through <= 1.1.0.
CVE-2026-39700	2 Wordpress, Wpxpo	2 Wordpress, Wowoptin	2026-04-29	5.3 Medium
Missing Authorization vulnerability in WPXPO WowOptin optin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowOptin: from n/a through <= 1.4.32.
CVE-2026-39713	2 Mailercloud, Wordpress	2 Mailercloud – Integrate Webforms And Synchronize Website Contacts, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in mailercloud Mailercloud – Integrate webforms and synchronize website contacts mailercloud-integrate-webforms-synchronize-contacts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mailercloud – Integrate webforms and synchronize website contacts: from n/a through <= 1.0.7.
CVE-2026-39689	2 Eshipper, Wordpress	2 Eshipper Commerce, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in eshipper eShipper Commerce eshipper-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eShipper Commerce: from n/a through <= 2.16.12.
CVE-2026-39712	2 Tagdiv, Wordpress	2 Tagdiv Composer, Wordpress	2026-04-29	5.3 Medium
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a through <= 5.4.3.
CVE-2026-39716	2 Ckthemes, Wordpress	2 Flipmart, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in CKThemes Flipmart flipmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flipmart: from n/a through <= 2.8.

« first previous Page 14 of 17361. next last »