Online Exam Software \ CVEs and Security Vulnerabilities

Export limit exceeded: 347143 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 6), (line:1, col:7)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347143 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-68984	1 Wordpress	1 Wordpress	2026-04-28	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Puca puca allows PHP Local File Inclusion.This issue affects Puca: from n/a through <= 2.6.39.
CVE-2025-68979	2 Simplecalendar, Wordpress	2 Google Calendar Events, Wordpress	2026-04-28	5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through <= 3.5.9.
CVE-2025-68974	2 Miniorange, Wordpress	3 Social Login, Wordpress Social Login And Register (discord, Google, Twitter, Linkedin), Wordpress	2026-04-28	6.6 Medium
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through <= 7.7.0.
CVE-2025-68982	2 Designthemes, Wordpress	2 Designthemes Lms, Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in designthemes DesignThemes LMS Addon designthemes-lms-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes LMS Addon: from n/a through <= 2.6.
CVE-2025-68975	1 Wordpress	1 Wordpress	2026-04-28	4.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Eagle-Themes Eagle Booking eagle-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eagle Booking: from n/a through <= 1.3.4.3.
CVE-2025-68976	1 Wordpress	1 Wordpress	2026-04-28	5.4 Medium
Missing Authorization vulnerability in Eagle-Themes Eagle Booking eagle-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eagle Booking: from n/a through <= 1.3.4.3.
CVE-2025-68981	3 Designthemes, Elementor, Wordpress	3 Homefix Elementor Portfolio, Elementor, Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in designthemes HomeFix Elementor Portfolio homefix-ele-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HomeFix Elementor Portfolio: from n/a through <= 1.0.1.
CVE-2025-68983	2 Thembay, Wordpress	2 Greenmart, Wordpress	2026-04-28	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Greenmart greenmart allows PHP Local File Inclusion.This issue affects Greenmart: from n/a through <= 4.2.11.
CVE-2025-68864	2 Infility, Wordpress	2 Infility Global, Wordpress	2026-04-28	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infility Infility Global infility-global allows Stored XSS.This issue affects Infility Global: from n/a through <= 2.15.11.
CVE-2025-68865	2 Infility, Wordpress	2 Infility Global, Wordpress	2026-04-28	9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infility Infility Global infility-global allows SQL Injection.This issue affects Infility Global: from n/a through <= 2.15.06.
CVE-2025-68841	2 Themepul, Wordpress	2 Topperpack – Complete Elementor Addons, Theme & Cpt Builder, Wordpress	2026-04-28	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themepul TopperPack – Complete Elementor Addons, Theme & CPT Builder topper-pack allows PHP Local File Inclusion.This issue affects TopperPack – Complete Elementor Addons, Theme & CPT Builder: from n/a through <= 1.2.1.
CVE-2025-68834	2 Saiful Islam, Wordpress	2 Sync Master Sheet – Product Sync With Google Sheet For Woocommerce, Wordpress	2026-04-28	7.5 High
Missing Authorization vulnerability in Saiful Islam Sync Master Sheet – Product Sync with Google Sheet for WooCommerce product-sync-master-sheet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sync Master Sheet – Product Sync with Google Sheet for WooCommerce: from n/a through <= 1.1.3.
CVE-2025-68585	1 Wordpress	1 Wordpress	2026-04-28	2.7 Low
Missing Authorization vulnerability in Ben Balter WP Document Revisions wp-document-revisions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Document Revisions: from n/a through <= 3.7.2.
CVE-2025-68575	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Wappointment team Wappointment wappointment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wappointment: from n/a through <= 2.7.6.
CVE-2025-68573	1 Wordpress	1 Wordpress	2026-04-28	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link simple-keyword-to-link allows Cross Site Request Forgery.This issue affects Simple Keyword to Link: from n/a through <= 1.5.
CVE-2025-68552	2 Webcodingplace, Wordpress	2 Woocommerce Coming Soon Product With Countdown, Wordpress	2026-04-28	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebCodingPlace WooCommerce Coming Soon Product with Countdown woo-coming-soon-product allows PHP Local File Inclusion.This issue affects WooCommerce Coming Soon Product with Countdown: from n/a through <= 5.0.
CVE-2025-68023	2 Addonify, Wordpress	2 Addonify – Compare Products For Woocommerce, Wordpress	2026-04-28	6.5 Medium
Missing Authorization vulnerability in Addonify Addonify – Compare Products For WooCommerce addonify-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify – Compare Products For WooCommerce: from n/a through <= 1.1.17.
CVE-2025-67632	1 Wordpress	1 Wordpress	2026-04-28	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Plugin Factory Google AdSense for Responsive Design – GARD google-adsense-for-responsive-design-gard allows DOM-Based XSS.This issue affects Google AdSense for Responsive Design – GARD: from n/a through <= 2.23.
CVE-2025-67624	2 Arya Dhiratara, Wordpress	2 Optimize More! – Images, Wordpress	2026-04-28	6.5 Medium
Missing Authorization vulnerability in Arya Dhiratara Optimize More! – Images optimize-more-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Optimize More! – Images: from n/a through <= 1.1.3.
CVE-2025-67555	1 Wordpress	1 Wordpress	2026-04-28	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in useStrict UseStrict's Calendly Embedder cal-embedder-lite allows Stored XSS.This issue affects UseStrict's Calendly Embedder: from n/a through <= 1.1.7.2.

« first previous Page 67 of 17358. next last »