Export limit exceeded: 346267 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 346267 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 346267 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 346267 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 26), (line:1, col:27)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346267 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-24540 2 Prince, Wordpress 2 Integrate Google Drive, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in princeahmed Integrate Google Drive integrate-google-drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through <= 1.5.6.
CVE-2026-24539 2 Clickdatos, Wordpress 2 Proteccion De Datos Rgpd, Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in ABCdatos Protección de datos &#8211; RGPD proteccion-datos-rgpd allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protección de datos &#8211; RGPD: from n/a through <= 0.68.
CVE-2026-24538 2 Omnipressteam, Wordpress 2 Omnipress, Wordpress 2026-04-23 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in omnipressteam Omnipress omnipress allows PHP Local File Inclusion.This issue affects Omnipress: from n/a through <= 1.6.7.
CVE-2026-24536 2 Webpushr, Wordpress 2 Web Push Notifications, Wordpress 2026-04-23 5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through <= 4.38.0.
CVE-2026-24535 2 Webdevstudios, Wordpress 2 Automatic Featured Images From Videos, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through <= 1.2.7.
CVE-2026-24534 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booter: from n/a through <= 1.5.7.
CVE-2026-24532 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in SiteLock SiteLock Security – WP Hardening, Login Security & Malware Scans sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security – WP Hardening, Login Security & Malware Scans: from n/a through <= 5.0.2.
CVE-2026-24531 1 Wordpress 1 Wordpress 2026-04-23 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 2.3.
CVE-2026-24530 1 Wordpress 1 Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in sheepfish WebP Conversion webp-conversion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebP Conversion: from n/a through <= 2.2.
CVE-2026-24526 3 Steve Truman, Woocommerce, Wordpress 3 Email Inquiry & Cart Options For Woocommerce, Woocommerce, Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steve Truman Email Inquiry &amp; Cart Options for WooCommerce woocommerce-email-inquiry-cart-options allows DOM-Based XSS.This issue affects Email Inquiry &amp; Cart Options for WooCommerce: from n/a through <= 3.5.0.
CVE-2026-24525 2 Cloudpanel, Wordpress 2 Clp Varnish Cache, Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through <= 1.0.2.
CVE-2026-24524 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.2.8.
CVE-2026-24523 1 Wordpress 1 Wordpress 2026-04-23 5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus (aka @msykes) WP FullCalendar wp-fullcalendar allows Retrieve Embedded Sensitive Data.This issue affects WP FullCalendar: from n/a through <= 1.6.
CVE-2026-24522 2 Mythemeshop, Wordpress 2 Wp Subscribe, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in MyThemeShop WP Subscribe wp-subscribe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscribe: from n/a through <= 1.2.16.
CVE-2026-24390 3 Elementor, Qantumthemes, Wordpress 3 Elementor, Kentha Elementor Widgets, Wordpress 2026-04-23 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in QantumThemes Kentha Elementor Widgets kentha-elementor allows PHP Local File Inclusion.This issue affects Kentha Elementor Widgets: from n/a through < 3.1.
CVE-2026-24387 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through <= 2.1.
CVE-2026-24386 3 Elementinvader, Elementor, Wordpress 3 Template Kits For Elementor, Elementor, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Element Invader Element Invader &#8211; Template Kits for Elementor elementinvader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Invader &#8211; Template Kits for Elementor: from n/a through <= 1.2.4.
CVE-2026-24384 1 Wordpress 1 Wordpress 2026-04-23 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through <= 2.14.
CVE-2026-24382 2 Wordpress, Wp-royal-themes 2 Wordpress, News Magazine X 2026-04-23 7.5 High
Missing Authorization vulnerability in wproyal News Magazine X news-magazine-x allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Magazine X: from n/a through <= 1.2.50.
CVE-2026-24381 1 Wordpress 1 Wordpress 2026-04-23 5.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods PhotoMe photome allows Server Side Request Forgery.This issue affects PhotoMe: from n/a through < 5.7.2.