CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 10465 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10465 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-33585	1 Wordpress	1 Payment Gateway Based Fees And Discounts For Woocommerce	2026-04-15	4.3 Medium
Missing Authorization vulnerability in Tyche Softwares Payment Gateway Based Fees and Discounts for WooCommerce.This issue affects Payment Gateway Based Fees and Discounts for WooCommerce: from n/a through 2.12.1.
CVE-2025-58599	2 Tychesoftwares, Wordpress	2 Order Delivery Date For Woocommerce, Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in tychesoftwares Order Delivery Date for WooCommerce order-delivery-date-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Delivery Date for WooCommerce: from n/a through <= 4.1.0.
CVE-2025-58606	2 Cozythemes, Wordpress	2 Saaslauncher, Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in cozythemes SaasLauncher saaslauncher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SaasLauncher: from n/a through <= 1.3.0.
CVE-2025-58613	1 Wordpress	1 Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in Barn2 Plugins Posts Table with Search & Sort posts-data-table allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Posts Table with Search & Sort: from n/a through <= 1.4.10.
CVE-2024-33588			2026-04-15	5.4 Medium
Missing Authorization vulnerability in codeSavory Knowledge Base documentation & wiki plugin – BasePress.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through 2.16.1.
CVE-2025-58622	2 Wordpress, Yydevelopment	2 Wordpress, Mobile Contact Line Plugin	2026-04-15	N/A
Missing Authorization vulnerability in yydevelopment Mobile Contact Line mobile-contact-line allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobile Contact Line: from n/a through <= 2.4.0.
CVE-2024-55992			2026-04-15	N/A
Missing Authorization vulnerability in Open Tools WooCommerce Basic Ordernumbers woocommerce-basic-ordernumbers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Basic Ordernumbers: from n/a through <= 1.4.4.
CVE-2025-58663	2 Themeum, Wordpress	2 Qubely, Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in Themeum Qubely qubely allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Qubely: from n/a through <= 1.8.14.
CVE-2025-58664	1 Wordpress	1 Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in Azizul Hasan Text To Speech TTS Accessibility text-to-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Text To Speech TTS Accessibility: from n/a through <= 1.9.30.
CVE-2025-58666	1 Wordpress	1 Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in Kommo Website Chat Button: Kommo integration website-chat-button-kommo-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Website Chat Button: Kommo integration: from n/a through <= 1.3.1.
CVE-2025-58667	1 Wordpress	1 Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro Reviews: from n/a through < 2.9.11.
CVE-2025-58672	1 Wordpress	1 Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through <= 4.1.12.
CVE-2025-58678	2 Pickplugins, Wordpress	2 Accordion, Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in PickPlugins Accordion accordions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion: from n/a through <= 2.3.15.
CVE-2025-58685	3 Cecabank, Woocommerce, Wordpress	3 Woocommerce Plugin, Woocommerce, Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in cecabank Cecabank WooCommerce Plugin cecabank-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cecabank WooCommerce Plugin: from n/a through <= 0.3.4.
CVE-2025-23615	1 Wordpress	1 Wordpress	2026-04-15	N/A
Missing Authorization vulnerability in gtekelis Interactive Page Hierarchy interactive-page-hierarchy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Interactive Page Hierarchy: from n/a through <= 1.0.1.
CVE-2025-23961			2026-04-15	N/A
Missing Authorization vulnerability in wptasker WordPress Graphs & Charts graph-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Graphs & Charts: from n/a through <= 2.0.8.
CVE-2024-38733			2026-04-15	5.4 Medium
Missing Authorization vulnerability in Meks Meks Video Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meks Video Importer: from n/a through 1.0.12.
CVE-2025-2224			2026-04-15	5.3 Medium
The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'parse_query' function in all versions up to, and including, 8.2. This makes it possible for unauthenticated attackers to update the post_status of any post to 'publish'.
CVE-2025-2276			2026-04-15	4.3 Medium
The Ultimate Dashboard – Custom WordPress Dashboard plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_module_actions function in all versions up to, and including, 3.8.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate/deactivate plugin modules.
CVE-2025-67584	1 Wordpress	1 Wordpress	2026-04-15	5.3 Medium
Missing Authorization vulnerability in rtCamp GoDAM godam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDAM: from n/a through <= 1.4.6.

« first previous Page 38 of 524. next last »