Export limit exceeded: 341843 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 341843 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 341843 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found '\' (at char 29), (line:1, col:30)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341843 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-24594 2 Livemesh, Wordpress 2 Addons For Wpbakery Page Builder, Wordpress 2026-04-01 4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in livemesh Livemesh Addons for WPBakery Page Builder addons-for-visual-composer allows Stored XSS.This issue affects Livemesh Addons for WPBakery Page Builder: from n/a through <= 3.9.4.
CVE-2026-24593 2 Strategy11, Wordpress 2 Awp Classifieds, Wordpress 2026-04-01 5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Retrieve Embedded Sensitive Data.This issue affects AWP Classifieds: from n/a through <= 4.4.3.
CVE-2026-24591 2 Wordpress, Yasir129 2 Wordpress, Turn Yoast Seo Faq Block To Accordion 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yasir129 Turn Yoast SEO FAQ Block to Accordion faq-schema-block-to-accordion allows Stored XSS.This issue affects Turn Yoast SEO FAQ Block to Accordion: from n/a through <= 1.0.6.
CVE-2026-24589 2 Cargus Ecommerce, Wordpress 2 Cargus, Wordpress 2026-04-01 5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in Cargus eCommerce Cargus cargus allows Retrieve Embedded Sensitive Data.This issue affects Cargus: from n/a through <= 1.5.8.
CVE-2026-24588 1 Wordpress 1 Wordpress 2026-04-01 4.3 Medium
Missing Authorization vulnerability in topdevs Smart Product Viewer smart-product-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Product Viewer: from n/a through <= 1.5.4.
CVE-2026-24587 1 Wordpress 1 Wordpress 2026-04-01 5.4 Medium
Missing Authorization vulnerability in kutsy AJAX Hits Counter + Popular Posts Widget ajax-hits-counter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Hits Counter + Popular Posts Widget: from n/a through <= 0.10.210305.
CVE-2026-24585 3 Hyyan Abo Fakher, Woocommerce, Wordpress 3 Hyyan Woocommerce Polylang Integration, Woocommerce, Wordpress 2026-04-01 6.5 Medium
Missing Authorization vulnerability in Hyyan Abo Fakher Hyyan WooCommerce Polylang Integration woo-poly-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hyyan WooCommerce Polylang Integration: from n/a through <= 1.5.0.
CVE-2026-24584 2 Themeum, Wordpress 2 Tutor Lms, Wordpress 2026-04-01 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS BunnyNet Integration tutor-lms-bunnynet-integration allows DOM-Based XSS.This issue affects Tutor LMS BunnyNet Integration: from n/a through <= 1.0.0.
CVE-2026-24583 2 Sumup, Wordpress 2 Payment Gateway For Woocommerce, Wordpress 2026-04-01 5.3 Medium
Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SumUp Payment Gateway For WooCommerce: from n/a through <= 2.7.9.
CVE-2026-24581 2 Wordpress, Wpswings 2 Wordpress, Points And Rewards For Woocommerce 2026-04-01 5.4 Medium
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through <= 2.9.5.
CVE-2026-24580 2 Lightspeedhq, Wordpress 2 Ecwid Ecommerce Shopping Cart, Wordpress 2026-04-01 4.3 Medium
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through <= 7.0.5.
CVE-2026-24579 2 Wordpress, Wpmessiah 2 Wordpress, Ai Image Alt Text Generator For Wp 2026-04-01 4.3 Medium
Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through <= 1.1.9.
CVE-2026-24578 1 Wordpress 1 Wordpress 2026-04-01 4.3 Medium
Missing Authorization vulnerability in Jahid Hasan Admin login URL Change admin-login-url-change allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin login URL Change: from n/a through <= 1.1.5.
CVE-2026-24576 1 Wordpress 1 Wordpress 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in COP UX Flat ux-flat allows Stored XSS.This issue affects UX Flat: from n/a through <= 5.4.0.
CVE-2026-24571 1 Wordpress 1 Wordpress 2026-04-01 4.3 Medium
Missing Authorization vulnerability in boxnow BOX NOW Delivery box-now-delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BOX NOW Delivery: from n/a through <= 3.0.2.
CVE-2026-24570 2 Wisdmlabs, Wordpress 2 Edwiser Bridge, Wordpress 2026-04-01 5.4 Medium
Missing Authorization vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Edwiser Bridge: from n/a through <= 4.3.2.
CVE-2026-24569 2 Sully, Wordpress 2 Media Library File Size, Wordpress 2026-04-01 4.3 Medium
Missing Authorization vulnerability in Sully Media Library File Size media-library-file-size allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Library File Size: from n/a through <= 1.6.7.
CVE-2026-24567 1 Wordpress 1 Wordpress 2026-04-01 4.3 Medium
Missing Authorization vulnerability in briarinc Anything Order by Terms anything-order-by-terms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Anything Order by Terms: from n/a through <= 1.4.0.
CVE-2026-24566 2 Inet, Wordpress 2 Inet Webkit, Wordpress 2026-04-01 6.5 Medium
Missing Authorization vulnerability in iNET iNET Webkit inet-webkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iNET Webkit: from n/a through <= 1.2.4.
CVE-2026-24562 2 Ryviu, Wordpress 2 Product Reviews For Woocommerce, Wordpress 2026-04-01 5.3 Medium
Missing Authorization vulnerability in Ryviu Ryviu &#8211; Product Reviews for WooCommerce ryviu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ryviu &#8211; Product Reviews for WooCommerce: from n/a through <= 3.1.26.