9 Innings\ CVEs and Security Vulnerabilities

Export limit exceeded: 341854 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 27), (line:1, col:28)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341854 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-25004	2 Creativemindssolutions, Wordpress	2 Cm Business Directory, Wordpress	2026-04-01	4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Business Directory cm-business-directory allows Stored XSS.This issue affects CM Business Directory: from n/a through <= 1.5.3.
CVE-2026-25003	2 Madalin.ungureanu, Wordpress	2 Client Portal, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in madalin.ungureanu Client Portal client-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Portal: from n/a through <= 1.2.1.
CVE-2026-25000	2 Kraftplugins, Wordpress	2 Wheel Of Life, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Kraft Plugins Wheel of Life wheel-of-life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through <= 1.2.0.
CVE-2026-24999	2 Almapay, Wordpress	2 Alma, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Alma Alma alma-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Alma: from n/a through <= 5.16.1.
CVE-2026-24998	2 Wordpress, Wpmudev	2 Wordpress, Hustle	2026-04-01	5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through <= 7.8.9.2.
CVE-2026-24997	1 Wordpress	1 Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Wired Impact Wired Impact Volunteer Management wired-impact-volunteer-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wired Impact Volunteer Management: from n/a through <= 2.8.
CVE-2026-24996	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in wpelemento WPElemento Importer wpelemento-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPElemento Importer: from n/a through <= 0.6.4.
CVE-2026-24995	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through <= 14.2.0.
CVE-2026-24994	2 Sunshinephotocart, Wordpress	2 Sunshine Photo Cart, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.7.2.
CVE-2026-24992	2 Wordpress, Wpfactory	2 Wordpress, Advanced Woocommerce Product Sales Reporting	2026-04-01	5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statistics allows Retrieve Embedded Sensitive Data.This issue affects Advanced WooCommerce Product Sales Reporting: from n/a through <= 4.1.2.
CVE-2026-24991	1 Wordpress	1 Wordpress	2026-04-01	5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extensions For CF7: from n/a through <= 3.4.0.
CVE-2026-24990	2 Fahad Mahmood, Wordpress	2 Wp Docs, Wordpress	2026-04-01	5.4 Medium
Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through <= 2.2.8.
CVE-2026-24988	2 Brian Hogg, Wordpress	2 The Events Calendar Shortcode & Block, Wordpress	2026-04-01	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Hogg The Events Calendar Shortcode & Block the-events-calendar-shortcode allows Stored XSS.This issue affects The Events Calendar Shortcode & Block: from n/a through <= 3.1.1.
CVE-2026-24986	2 Wordpress, Wp.insider	2 Wordpress, Simple Membership Wp User Import	2026-04-01	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wp.insider Simple Membership WP user Import simple-membership-wp-user-import allows Cross Site Request Forgery.This issue affects Simple Membership WP user Import: from n/a through <= 1.9.1.
CVE-2026-24985	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through <= 1.8.2.
CVE-2026-24984	1 Wordpress	1 Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through <= 2.2.9.
CVE-2026-24982	2 Brainstormforce, Wordpress	2 Spectra, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through <= 2.19.17.
CVE-2026-24967	1 Wordpress	1 Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in ameliabooking Amelia ameliabooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Amelia: from n/a through <= 1.2.38.
CVE-2026-24966	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Copyscape Copyscape Premium copyscape-premium allows Cross Site Request Forgery.This issue affects Copyscape Premium: from n/a through <= 1.4.1.
CVE-2026-24965	3 Contest-gallery, Contest Gallery, Wordpress	3 Contest Gallery, Contest Gallery, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contest Gallery: from n/a through <= 28.1.1.

« first previous Page 439 of 17093. next last »