\ CVEs and Security Vulnerabilities

Export limit exceeded: 341885 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found '\' (at char 28), (line:1, col:29)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341885 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-64249	2 Wordpress, Wp-experts	2 Wordpress, Protect Wp Admin	2026-04-01	4.8 Medium
Missing Authorization vulnerability in WP-EXPERTS.IN Protect WP Admin protect-wp-admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protect WP Admin: from n/a through <= 4.1.
CVE-2025-64248	2 Emarketdesign, Wordpress	2 Request A Quote, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in emarket-design Request a Quote request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Request a Quote: from n/a through <= 2.5.3.
CVE-2025-64246	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in netopsae Accessibility by AudioEye accessibility-by-audioeye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility by AudioEye: from n/a through <= 1.0.49.
CVE-2025-64245	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in ryanpcmcquen Import external attachments import-external-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Import external attachments: from n/a through <= 1.5.12.
CVE-2025-64244	3 Codexpert, Elementor, Wordpress	3 Restrict Elementor Widgets Columns And Sections, Elementor, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in Codexpert, Inc Restrict Elementor Widgets, Columns and Sections restrict-elementor-widgets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Elementor Widgets, Columns and Sections: from n/a through <= 1.12.
CVE-2025-64243	2 E-plugins, Wordpress	2 Directory Pro, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through <= 2.5.6.
CVE-2025-64241	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in Imtiaz Rayhan WP Coupons and Deals wp-coupons-and-deals allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Coupons and Deals: from n/a through <= 3.2.4.
CVE-2025-64240	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in freshchat Freshchat freshchat allows Cross Site Request Forgery.This issue affects Freshchat: from n/a through <= 2.3.4.
CVE-2025-64239	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Yoav Farhi RTL Tester rtl-tester allows Cross Site Request Forgery.This issue affects RTL Tester: from n/a through <= 1.2.
CVE-2025-64238	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in NicolasKulka WPS Bidouille wps-bidouille allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPS Bidouille: from n/a through <= 1.33.1.
CVE-2025-64237	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Graham Quick Interest Slider quick-interest-slider allows Cross Site Request Forgery.This issue affects Quick Interest Slider: from n/a through <= 3.1.5.
CVE-2025-64234	2 Evergreencontentposter, Wordpress	2 Evergreen Content Poster, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in Evergreen Content Poster Evergreen Content Poster evergreen-content-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Evergreen Content Poster: from n/a through <= 1.4.5.
CVE-2025-64233	1 Wordpress	1 Wordpress	2026-04-01	9.8 Critical
Deserialization of Untrusted Data vulnerability in BoldThemes Codiqa codiqa allows Object Injection.This issue affects Codiqa: from n/a through < 1.2.8.
CVE-2025-64232	1 Wordpress	1 Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icopydoc Import from YML import-from-yml allows Reflected XSS.This issue affects Import from YML: from n/a through <= 3.1.17.
CVE-2025-64231	2 Redefiningtheweb, Wordpress	2 Wordpress Contact Form 7 Pdf Google Sheet Database, Wordpress	2026-04-01	9.8 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in RedefiningTheWeb WordPress Contact Form 7 PDF, Google Sheet & Database rtwwcfp-wordpress-contact-form-7-pdf allows Using Malicious Files.This issue affects WordPress Contact Form 7 PDF, Google Sheet & Database: from n/a through <= 3.0.0.
CVE-2025-64230	1 Wordpress	1 Wordpress	2026-04-01	7.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Chill Filr filr-protection allows Path Traversal.This issue affects Filr: from n/a through <= 1.2.10.
CVE-2025-64229	2 Boldgrid, Wordpress	2 Client Invoicing By Sprout Invoices, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.7.
CVE-2025-64228	2 Fantasticplugins, Wordpress	2 Sumo Affiliates Pro, Wordpress	2026-04-01	4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Retrieve Embedded Sensitive Data.This issue affects SUMO Affiliates Pro: from n/a through <= 11.0.0.
CVE-2025-64227	2 Boldgrid, Wordpress	2 Client Invoicing By Sprout Invoices, Wordpress	2026-04-01	9.8 Critical
Deserialization of Untrusted Data vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Object Injection.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.7.
CVE-2025-64226	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in colabrio Stockie Extra stockie-extra allows Cross Site Request Forgery.This issue affects Stockie Extra: from n/a through <= 1.2.11.

« first previous Page 498 of 17095. next last »