Search
Search Results (359647 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59554 | 2 Advanced Ads Gmbh, Wordpress | 2 Advanced Ads – Tracking, Wordpress | 2026-06-20 | 9.3 Critical |
| Unauthenticated SQL Injection in Advanced Ads – Tracking < 3.0.7 versions. | ||||
| CVE-2025-68524 | 2 Themegoods, Wordpress | 2 Avante, Wordpress | 2026-06-20 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5 versions. | ||||
| CVE-2025-69115 | 2 Themerex, Wordpress | 2 Luxmed | Medicine & Healthcare Doctor Wordpress Theme, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions. | ||||
| CVE-2025-69130 | 2 Themovation, Wordpress | 2 Entrepreneur - Booking For Small Businesses Wordpress Theme, Wordpress | 2026-06-20 | 8.8 High |
| Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions. | ||||
| CVE-2025-69144 | 2 Themerex, Wordpress | 2 Preservation, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in Preservation <= 1.10 versions. | ||||
| CVE-2025-69164 | 2 Themerex, Wordpress | 2 Skyward, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in Skyward <= 1.10 versions. | ||||
| CVE-2025-69170 | 2 Themerex, Wordpress | 2 Eventicity, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in Eventicity <= 1.5 versions. | ||||
| CVE-2025-69175 | 2 Themerex, Wordpress | 2 Line Agency, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in Line Agency <= 1.3.1 versions. | ||||
| CVE-2026-39445 | 2 Presslayouts, Wordpress | 2 Alukas, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions. | ||||
| CVE-2026-39559 | 2 Codesupplyco, Wordpress | 2 Uppercase, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in Uppercase < 1.2.2 versions. | ||||
| CVE-2026-40738 | 2 Edge-themes, Wordpress | 2 Eldon, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in Eldon <= 1.4.1 versions. | ||||
| CVE-2026-40752 | 2 Select-themes, Wordpress | 2 Manufaktur Solutions, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions. | ||||
| CVE-2026-49108 | 2 Park Of Ideas, Wordpress | 2 Moderno, Wordpress | 2026-06-20 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Moderno < 1.43 versions. | ||||
| CVE-2025-60229 | 2 Themeton, Wordpress | 2 Lagom, Wordpress | 2026-06-20 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Themeton Lagom allows Object Injection. This issue affects Lagom: from n/a through 2.0. | ||||
| CVE-2025-60230 | 2 Themeton, Wordpress | 2 The Barber Shop, Wordpress | 2026-06-20 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection. This issue affects The Barber Shop: from n/a through 1.9. | ||||
| CVE-2026-54819 | 2 Webilia Inc., Wordpress | 2 Listdom, Wordpress | 2026-06-20 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Webilia Inc. Listdom allows Blind SQL Injection. This issue affects Listdom: from n/a through 5.4.0. | ||||
| CVE-2026-54815 | 2 Cargo Rd, Wordpress | 2 Cargo Shipping Location For Woocommerce, Wordpress | 2026-06-20 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cargo RD Cargo Shipping Location for WooCommerce allows Blind SQL Injection. This issue affects Cargo Shipping Location for WooCommerce: from n/a through 5.6. | ||||
| CVE-2025-60231 | 2 Emv, Wordpress | 2 The Hospital, Wordpress | 2026-06-20 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in EMV The Hospital nrghospital allows Object Injection. This issue affects The Hospital: from n/a through 1.8.1. | ||||
| CVE-2025-60236 | 2 Emv, Wordpress | 2 Creatify, Wordpress | 2026-06-20 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in EMV Creatify allows Object Injection. This issue affects Creatify: from n/a through 1.5. | ||||
| CVE-2025-69128 | 2 Emv, Wordpress | 2 Jobcareer, Wordpress | 2026-06-20 | 8.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in EMV JobCareer allows Path Traversal. This issue affects JobCareer: from n/a through 7.3. | ||||