CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 10020 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10020 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-54695	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in DevItems HT Mega ht-mega-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HT Mega: from n/a through <= 2.9.0.
CVE-2025-54692	2 Wordpress, Wpswings	2 Wordpress, Membership For Woocommerce	2026-04-01	N/A
Missing Authorization vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Membership For WooCommerce: from n/a through <= 2.9.0.
CVE-2025-54679	2 Vertim, Wordpress	2 Neon Channel Product Customizer Free, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in vertim Neon Channel Product Customizer Free neon-channel-product-customizer-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Neon Channel Product Customizer Free: from n/a through <= 2.0.
CVE-2025-54047	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in QuanticaLabs Cost Calculator ql-cost-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost Calculator: from n/a through <= 7.4.
CVE-2025-54040	2 Webba-booking, Wordpress	2 Webba Booking, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webba Booking: from n/a through <= 5.1.20.
CVE-2025-54037	2 Blazethemes, Wordpress	2 News Kit Elementor Addons, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Kit Elementor Addons: from n/a through <= 1.3.4.
CVE-2025-54025	2 Relywp, Wordpress	2 Coupon Affiliates, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coupon Affiliates: from n/a through <= 6.4.0.
CVE-2025-54018	2 Creativemindssolutions, Wordpress	2 Cm Pop-up Banners, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in CreativeMindsSolutions CM Pop-Up banners cm-pop-up-banners allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Pop-Up banners: from n/a through <= 1.8.4.
CVE-2025-54011			2026-04-01	N/A
Missing Authorization vulnerability in SMTP2GO SMTP2GO smtp2go allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMTP2GO: from n/a through <= 1.12.1.
CVE-2025-53997	2 Favethemes, Wordpress	2 Houzez, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in favethemes Houzez houzez allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Houzez: from n/a through <= 4.0.4.
CVE-2025-53986	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in themeisle Hestia hestia allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hestia: from n/a through <= 3.2.10.
CVE-2025-53571	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through <= 1.0.6.
CVE-2025-53348	2 Laborator, Wordpress	2 Kalium, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Laborator Kalium kalium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalium: from n/a through <= 3.18.3.
CVE-2025-53343	2 Goodlayers, Wordpress	2 Modernize, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in GoodLayers Modernize modernize allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modernize: from n/a through <= 3.4.0.
CVE-2025-53341	2 Themovation, Wordpress	2 Stratus, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Themovation App, SaaS & Software Startup Tech Theme - Stratus stratusx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App, SaaS & Software Startup Tech Theme - Stratus: from n/a through <= 4.2.5.
CVE-2025-53340	2 Getawesomesupport, Wordpress	2 Awesome Support, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Retrieve Embedded Sensitive Data.This issue affects Awesome Support: from n/a through <= 6.3.6.
CVE-2025-53337	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Ashan Perera LifePress lifepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LifePress: from n/a through <= 2.1.3.
CVE-2025-53323			2026-04-01	N/A
Missing Authorization vulnerability in danbriapps Pre-Publish Post Checklist pre-publish-post-checklist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pre-Publish Post Checklist: from n/a through <= 3.1.
CVE-2025-53318	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in WPManiax WP DB Booster wp-db-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP DB Booster: from n/a through <= 1.0.1.
CVE-2025-53304	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Rohil Contact Form – 7 : Hide Success Message contact-form-7-hide-success-message allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contact Form – 7 : Hide Success Message: from n/a through <= 1.1.4.

« first previous Page 18 of 501. next last »