CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10543 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-62976	2 Joovii, Wordpress	2 Sendle Shipping, Wordpress	2026-04-15	5.3 Medium
Missing Authorization vulnerability in Joovii Sendle Shipping official-sendle-shipping-method allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Sendle Shipping: from n/a through <= 6.02.
CVE-2025-62978	1 Wordpress	1 Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in Kiotviet KiotViet Sync kiotvietsync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KiotViet Sync: from n/a through <= 1.8.5.
CVE-2025-67474	2 Ultimatemember, Wordpress	2 Forumwp, Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ForumWP: from n/a through <= 2.1.4.
CVE-2025-62993	2 Rainafarai, Wordpress	2 Notification For Telegram, Wordpress	2026-04-15	4.3 Medium
Missing Authorization vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notification for Telegram: from n/a through <= 3.5.
CVE-2025-67547	2 Uixthemes, Wordpress	2 Konte, Wordpress	2026-04-15	6.5 Medium
Missing Authorization vulnerability in uixthemes Konte konte allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Konte: from n/a through <= 2.4.6.
CVE-2025-67568	1 Wordpress	1 Wordpress	2026-04-15	5.3 Medium
Missing Authorization vulnerability in xtemos Basel basel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Basel: from n/a through <= 5.9.1.
CVE-2023-47187	1 Wordpress	1 Wordpress	2026-04-15	5.4 Medium
Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rotating Words: from n/a through 5.4.
CVE-2023-47224			2026-04-15	7.5 High
Missing Authorization vulnerability in WP Travel WP Travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through 7.8.0.
CVE-2025-67562	1 Wordpress	1 Wordpress	2026-04-15	5.3 Medium
Missing Authorization vulnerability in WebCodingPlace Image Caption Hover Pro image-caption-hover-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Caption Hover Pro: from n/a through < 20.0.
CVE-2025-67572	1 Wordpress	1 Wordpress	2026-04-15	5.3 Medium
Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through < 6.7.4.
CVE-2025-67573	1 Wordpress	1 Wordpress	2026-04-15	5.3 Medium
Missing Authorization vulnerability in ThimPress Sailing sailing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sailing: from n/a through < 4.4.6.
CVE-2023-47647			2026-04-15	4.3 Medium
Missing Authorization vulnerability in LearningTimes BadgeOS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BadgeOS: from n/a through 3.7.1.6.
CVE-2023-47661			2026-04-15	5.4 Medium
Missing Authorization vulnerability in Dragfy Dragfy Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dragfy Addons for Elementor: from n/a through 1.0.2.
CVE-2025-67913	2 Aruba, Wordpress	2 Aruba Hispeed Cache, Wordpress	2026-04-15	9.8 Critical
Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through < 3.0.3.
CVE-2025-67917	1 Wordpress	1 Wordpress	2026-04-15	8.1 High
Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through <= 3.2.6.
CVE-2025-67926	1 Wordpress	1 Wordpress	2026-04-15	8.8 High
Missing Authorization vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Support: from n/a through <= 1.10.4.
CVE-2025-67939	2 Tickera, Wordpress	2 Tickera, Wordpress	2026-04-15	6.5 Medium
Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through <= 3.5.6.2.
CVE-2023-47681			2026-04-15	6.5 Medium
Missing Authorization vulnerability in QuadLayers WooCommerce Checkout Manager.This issue affects WooCommerce Checkout Manager: from n/a through 7.3.0.
CVE-2025-67958	3 Taxcloud, Woocommerce, Wordpress	3 Taxcloud For Woocommerce, Woocommerce, Wordpress	2026-04-15	6.5 Medium
Missing Authorization vulnerability in Taxcloud TaxCloud for WooCommerce simple-sales-tax allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TaxCloud for WooCommerce: from n/a through <= 8.3.8.
CVE-2025-67965	2 Favethemes, Wordpress	2 Homey, Wordpress	2026-04-15	5.3 Medium
Missing Authorization vulnerability in favethemes Homey Core homey-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Homey Core: from n/a through <= 2.4.3.

« first previous Page 177 of 528. next last »