Pagi\ CVEs and Security Vulnerabilities

Export limit exceeded: 343957 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 28), (line:1, col:29)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (343957 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-39623	2 Kutethemes, Wordpress	2 Biolife, Wordpress	2026-04-10	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes Biolife biolife allows PHP Local File Inclusion.This issue affects Biolife: from n/a through <= 3.2.3.
CVE-2026-39625	2 Kutethemes, Wordpress	2 Techone, Wordpress	2026-04-10	5.3 Medium
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through <= 3.0.3.
CVE-2026-39627	2 Wordpress, Wproyal	2 Wordpress, Ashe	2026-04-10	4.3 Medium
Missing Authorization vulnerability in wproyal Ashe ashe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe: from n/a through <= 2.266.
CVE-2026-39629	2 Kutethemes, Wordpress	2 Uminex, Wordpress	2026-04-10	5.3 Medium
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Uminex uminex allows Code Injection.This issue affects Uminex: from n/a through <= 1.0.9.
CVE-2026-39631	2 Ronik@unlimitedwp, Wordpress	2 Wpschoolpress, Wordpress	2026-04-10	4.9 Medium
Missing Authorization vulnerability in Ronik@UnlimitedWP WPSchoolPress wpschoolpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through <= 2.2.35.
CVE-2026-39633	2 Themegoods, Wordpress	2 Grand Car Rental, Wordpress	2026-04-10	6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Car Rental grandcarrental allows Cross Site Request Forgery.This issue affects Grand Car Rental: from n/a through <= 3.6.9.
CVE-2026-39635	2 Themegoods, Wordpress	2 Grand Magazine, Wordpress	2026-04-10	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n/a through <= 3.5.5.
CVE-2026-39637	2 Spabrice, Wordpress	2 Mogi, Wordpress	2026-04-10	5.3 Medium
Missing Authorization vulnerability in SpabRice Mogi mogi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mogi: from n/a through <= 1.2.3.
CVE-2026-39639	2 Redpixelstudios, Wordpress	2 Rps Include Content, Wordpress	2026-04-10	6.5 Medium
Missing Authorization vulnerability in redpixelstudios RPS Include Content rps-include-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RPS Include Content: from n/a through <= 1.2.2.
CVE-2026-39641	2 Skywarrior, Wordpress	2 Blackfyre, Wordpress	2026-04-10	6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Skywarrior Blackfyre blackfyre allows Cross Site Request Forgery.This issue affects Blackfyre: from n/a through <= 2.5.4.
CVE-2026-39644	2 Roxnor, Wordpress	2 Wp Ultimate Review, Wordpress	2026-04-10	5.3 Medium
Missing Authorization vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wp Ultimate Review: from n/a through <= 2.3.8.
CVE-2026-39646	2 Bozdoz, Wordpress	2 Leaflet Map, Wordpress	2026-04-10	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bozdoz Leaflet Map leaflet-map allows Stored XSS.This issue affects Leaflet Map: from n/a through <= 3.4.4.
CVE-2026-39648	2 Themebeez, Wordpress	2 Cream Blog, Wordpress	2026-04-10	5.3 Medium
Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Blog: from n/a through <= 2.1.7.
CVE-2026-39650	2 Unitech Web, Wordpress	2 Unitechpay, Wordpress	2026-04-10	5.3 Medium
Missing Authorization vulnerability in Unitech Web UnitechPay unitechpay-paiements-mobile-money allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UnitechPay: from n/a through <= 1.0.2.
CVE-2026-39652	2 Igms, Wordpress	2 Igms Direct Booking, Wordpress	2026-04-10	5.3 Medium
Missing Authorization vulnerability in igms iGMS Direct Booking igms-direct-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iGMS Direct Booking: from n/a through <= 1.3.
CVE-2026-39657	2 Leadlovers, Wordpress	2 Leadlovers Forms, Wordpress	2026-04-10	5.3 Medium
Missing Authorization vulnerability in leadlovers leadlovers forms leadlovers-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects leadlovers forms: from n/a through <= 1.0.2.
CVE-2026-39659	2 Ultimatemember, Wordpress	2 Ultimate Member, Wordpress	2026-04-10	5.3 Medium
Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through <= 2.11.3.
CVE-2026-39662	2 Prowcplugins, Wordpress	2 Product Price By Formula For Woocommerce, Wordpress	2026-04-10	5.3 Medium
Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Price by Formula for WooCommerce: from n/a through <= 2.5.6.
CVE-2026-39664	2 Leadrebel, Wordpress	2 Leadrebel, Wordpress	2026-04-10	5.3 Medium
Missing Authorization vulnerability in leadrebel Leadrebel leadrebel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadrebel: from n/a through <= 1.0.2.
CVE-2026-39670	2 Brecht, Wordpress	2 Visual Link Preview, Wordpress	2026-04-10	6 Medium
Server-Side Request Forgery (SSRF) vulnerability in Brecht Visual Link Preview visual-link-preview allows Server Side Request Forgery.This issue affects Visual Link Preview: from n/a through <= 2.3.0.

« first previous Page 31 of 17198. next last »