Slots\ CVEs and Security Vulnerabilities

Export limit exceeded: 341854 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 29), (line:1, col:30)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341854 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-25387	2 Elementor, Wordpress	2 Image Optimizer By Elementor, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in Elementor Image Optimizer by Elementor image-optimization allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Optimizer by Elementor: from n/a through <= 1.7.1.
CVE-2026-25386	2 Elementor, Wordpress	2 Ally, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Elementor Ally pojo-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ally: from n/a through <= 4.0.2.
CVE-2026-25385	2 Kaizencoders, Wordpress	2 Url Shortify, Wordpress	2026-04-01	5.5 Medium
Server-Side Request Forgery (SSRF) vulnerability in KaizenCoders URL Shortify url-shortify allows Server Side Request Forgery.This issue affects URL Shortify: from n/a through <= 1.12.3.
CVE-2026-25384	2 Wordpress, Wplab	2 Wordpress, Wp-lister Lite For Ebay	2026-04-01	5.3 Medium
Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Lister Lite for eBay: from n/a through <= 3.8.5.
CVE-2026-25378	2 Neliosoftware, Wordpress	2 Nelio Ab Testing, Wordpress	2026-04-01	7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nelio AB Testing: from n/a through <= 8.2.4.
CVE-2026-25375	2 Wordpress, Wpchill	2 Wordpress, Image Photo Gallery Final Tiles Grid	2026-04-01	4.3 Medium
Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.10.
CVE-2026-25374	2 Rarathemes, Wordpress	2 Spa And Salon, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in raratheme Spa and Salon spa-and-salon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spa and Salon: from n/a through <= 1.3.2.
CVE-2026-25372	2 Kodezen, Wordpress	2 Academy Lms, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Kodezen LLC Academy LMS academy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Academy LMS: from n/a through <= 3.5.3.
CVE-2026-25370	2 Aresit, Wordpress	2 Wp Compress, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress: from n/a through <= 6.60.28.
CVE-2026-25368	2 Codepeople, Wordpress	2 Calculated Fields Form, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in codepeople Calculated Fields Form calculated-fields-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Calculated Fields Form: from n/a through <= 5.4.4.1.
CVE-2026-25367	2 Nootheme, Wordpress	2 Citilights, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in NooTheme CitiLights noo-citilights allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CitiLights: from n/a through < 3.7.2.
CVE-2026-25364	2 Boldgrid, Wordpress	2 Client Invoicing By Sprout Invoices, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.8.
CVE-2026-25363	2 Fooplugins, Wordpress	2 Foogallery, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through <= 3.1.11.
CVE-2026-25362	2 Fooplugins, Wordpress	2 Foogallery, Wordpress	2026-04-01	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through <= 3.1.11.
CVE-2026-25348	2 Alttextai, Wordpress	2 Download Alt Text Ai, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in alttextai Download Alt Text AI alttext-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Alt Text AI: from n/a through <= 1.10.15.
CVE-2026-25343	2 Veronalabs, Wordpress	2 Wp Sms, Wordpress	2026-04-01	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS wp-sms allows DOM-Based XSS.This issue affects WP SMS: from n/a through <= 7.1.
CVE-2026-25338	2 Ays Pro, Wordpress	2 Ai Chatbot With Chatgpt And Content Generator By Ays, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through <= 2.7.4.
CVE-2026-25337	2 Wordpress, Wpcoachify	2 Wordpress, Coachify	2026-04-01	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpcoachify Coachify coachify allows Cross Site Request Forgery.This issue affects Coachify: from n/a through <= 1.1.5.
CVE-2026-25336	2 Wordpress, Wpcoachify	2 Wordpress, Coachify	2026-04-01	5.3 Medium
Missing Authorization vulnerability in wpcoachify Coachify coachify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coachify: from n/a through <= 1.1.5.
CVE-2026-25335	2 Ays-pro, Wordpress	2 Secure Copy Content Protection And Content Locking, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 5.0.0.

« first previous Page 436 of 17093. next last »