Search

Expected end of text, found '/' (at char 52), (line:1, col:53)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346623 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-32509 2 Edge-themes, Wordpress 2 Gracey, Wordpress 2026-04-24 5.4 Medium
Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object Injection.This issue affects Gracey: from n/a through < 1.4.
CVE-2026-32511 2 Mikado-themes, Wordpress 2 Stål, Wordpress 2026-04-24 5.4 Medium
Deserialization of Untrusted Data vulnerability in Mikado-Themes Stål stal allows Object Injection.This issue affects Stål: from n/a through < 1.7.
CVE-2026-32512 2 Edge-themes, Wordpress 2 Pelicula, Wordpress 2026-04-24 9.8 Critical
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through < 1.10.
CVE-2026-32514 2 Anton Voytenko, Wordpress 2 Petitioner, Wordpress 2026-04-24 6.5 Medium
Missing Authorization vulnerability in Anton Voytenko Petitioner petitioner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Petitioner: from n/a through <= 0.7.3.
CVE-2026-32515 2 Kamleshyadav, Wordpress 2 Miraculous, Wordpress 2026-04-24 7.5 High
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.1.2.
CVE-2026-32527 2 Crmperks, Wordpress 2 Wp Insightly For Contact Form 7, Wpforms, Elementor, Formidable And Ninja Forms, Wordpress 2026-04-24 6.5 Medium
Missing Authorization vulnerability in CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-insightly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through <= 1.1.5.
CVE-2026-32528 2 Don-themes, Wordpress 2 Riode, Wordpress 2026-04-24 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in don-themes Riode riode allows Reflected XSS.This issue affects Riode: from n/a through < 1.6.29.
CVE-2026-32530 2 Wordpress, Wpfunnels 2 Wordpress, Creator Lms 2026-04-24 8.8 High
Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through <= 1.1.18.
CVE-2026-32531 2 Gavias, Wordpress 2 Kunco, Wordpress 2026-04-24 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kunco kunco allows PHP Local File Inclusion.This issue affects Kunco: from n/a through < 1.4.5.
CVE-2026-32533 2 Latepoint, Wordpress 2 Latepoint, Wordpress 2026-04-24 6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LatePoint: from n/a through <= 5.2.6.
CVE-2026-32534 2 Joomsky, Wordpress 2 Js Help Desk, Wordpress 2026-04-24 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through <= 3.0.3.
CVE-2026-32536 2 Halfdata, Wordpress 2 Stripe Green Downloads, Wordpress 2026-04-24 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.This issue affects Green Downloads: from n/a through <= 2.08.
CVE-2026-32537 2 Visualportfolio, Wordpress 2 Visual Portfolio, Photo Gallery & Post Grid, Wordpress 2026-04-24 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nK Visual Portfolio, Photo Gallery & Post Grid visual-portfolio allows PHP Local File Inclusion.This issue affects Visual Portfolio, Photo Gallery & Post Grid: from n/a through <= 3.5.1.
CVE-2026-32538 2 Noor Alam, Wordpress 2 Smtp Mailer, Wordpress 2026-04-24 7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMTP Mailer smtp-mailer allows Retrieve Embedded Sensitive Data.This issue affects SMTP Mailer: from n/a through <= 1.1.24.
CVE-2026-32539 2 Publishpress, Wordpress 2 Publishpress Revisions, Wordpress 2026-04-24 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PublishPress PublishPress Revisions revisionary allows Blind SQL Injection.This issue affects PublishPress Revisions: from n/a through <= 3.7.23.
CVE-2026-32540 2 Bookly, Wordpress 2 Bookly, Wordpress 2026-04-24 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects Bookly: from n/a through <= 26.7.
CVE-2026-32542 2 Themefusion, Wordpress 2 Fusion Builder, Wordpress 2026-04-24 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-32544 2 Oopspam, Wordpress 2 Oopspam Anti-spam, Wordpress 2026-04-24 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OOPSpam Team OOPSpam Anti-Spam oopspam-anti-spam allows Stored XSS.This issue affects OOPSpam Anti-Spam: from n/a through <= 1.2.62.
CVE-2026-32545 2 Taboola, Wordpress 2 Taboola Pixel, Wordpress 2026-04-24 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through <= 1.1.4.
CVE-2026-32546 2 Stellarwp, Wordpress 2 Restrict Content, Wordpress 2026-04-24 7.5 High
Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through <= 3.2.22.