\ CVEs and Security Vulnerabilities

Export limit exceeded: 346643 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 28), (line:1, col:29)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346643 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-39570	2 Aa Web Servant, Wordpress	2 12 Step Meeting List, Wordpress	2026-04-24	5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Retrieve Embedded Sensitive Data.This issue affects 12 Step Meeting List: from n/a through <= 3.19.9.
CVE-2026-39536	2 Wordpress, Wpchill	2 Wordpress, Rsvp And Event Management	2026-04-24	5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through <= 2.7.16.
CVE-2026-39561	2 Wordpress, Wp Chill	2 Wordpress, Revive.so	2026-04-24	5.3 Medium
Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive.so: from n/a through <= 2.0.7.
CVE-2026-39569	2 Aa Web Servant, Wordpress	2 12 Step Meeting List, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through <= 3.19.9.
CVE-2026-39541	2 Themefic, Wordpress	2 Hydra Booking, Wordpress	2026-04-24	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Hydra Booking hydra-booking allows Stored XSS.This issue affects Hydra Booking: from n/a through <= 1.1.38.
CVE-2026-39602	2 Rustaurius, Wordpress	2 Order Tracking, Wordpress	2026-04-24	N/A
Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through <= 3.4.3.
CVE-2026-24564	2 Textmetrics, Wordpress	2 Textmetrics, Wordpress	2026-04-24	4.3 Medium
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Israpil Textmetrics webtexttool allows Code Injection.This issue affects Textmetrics: from n/a through <= 3.6.5.
CVE-2026-24567	1 Wordpress	1 Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in briarinc Anything Order by Terms anything-order-by-terms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Anything Order by Terms: from n/a through <= 1.4.0.
CVE-2026-24568	2 Wordpress, Wptravelengine	2 Wordpress, Wp Travel Engine	2026-04-24	5.3 Medium
Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through <= 11.1.0.
CVE-2026-24569	2 Sully, Wordpress	2 Media Library File Size, Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in Sully Media Library File Size media-library-file-size allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Library File Size: from n/a through <= 1.6.7.
CVE-2026-24570	2 Wisdmlabs, Wordpress	2 Edwiser Bridge, Wordpress	2026-04-24	5.4 Medium
Missing Authorization vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Edwiser Bridge: from n/a through <= 4.3.2.
CVE-2026-24571	1 Wordpress	1 Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in boxnow BOX NOW Delivery box-now-delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BOX NOW Delivery: from n/a through <= 3.0.2.
CVE-2026-24572	1 Wordpress	1 Wordpress	2026-04-24	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nelio Software Nelio Content nelio-content allows Blind SQL Injection.This issue affects Nelio Content: from n/a through <= 4.2.0.
CVE-2026-24576	1 Wordpress	1 Wordpress	2026-04-24	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in COP UX Flat ux-flat allows Stored XSS.This issue affects UX Flat: from n/a through <= 5.4.0.
CVE-2026-24577	2 Genetech Products, Wordpress	2 Pie Register, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Genetech Products Pie Register pie-register allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pie Register: from n/a through <= 3.8.4.8.
CVE-2026-24578	1 Wordpress	1 Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in Jahid Hasan Admin login URL Change admin-login-url-change allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin login URL Change: from n/a through <= 1.1.5.
CVE-2026-24579	2 Wordpress, Wpmessiah	2 Wordpress, Ai Image Alt Text Generator For Wp	2026-04-24	4.3 Medium
Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through <= 1.1.9.
CVE-2026-24580	2 Lightspeedhq, Wordpress	2 Ecwid Ecommerce Shopping Cart, Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through <= 7.0.5.
CVE-2026-24581	2 Wordpress, Wpswings	2 Wordpress, Points And Rewards For Woocommerce	2026-04-24	5.4 Medium
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through <= 2.9.5.
CVE-2026-24583	2 Sumup, Wordpress	2 Payment Gateway For Woocommerce, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SumUp Payment Gateway For WooCommerce: from n/a through <= 2.7.9.

« first previous Page 61 of 17333. next last »