\ CVEs and Security Vulnerabilities

Export limit exceeded: 347095 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found '\' (at char 31), (line:1, col:32)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347095 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-68591	2 Mitchell Bennis, Wordpress	2 Simple File List, Wordpress	2026-04-27	5.4 Medium
Missing Authorization vulnerability in Mitchell Bennis Simple File List simple-file-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple File List: from n/a through <= 6.1.18.
CVE-2025-68590	2 Crm Perks, Wordpress	2 Integration For Contact Form 7 Hubspot, Wordpress	2026-04-27	7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Integration for Contact Form 7 HubSpot cf7-hubspot allows Blind SQL Injection.This issue affects Integration for Contact Form 7 HubSpot: from n/a through <= 1.4.2.
CVE-2025-68589	2 Wordpress, Wpsocio	2 Wordpress, Wp Telegram Widget And Join Link	2026-04-27	5.3 Medium
Missing Authorization vulnerability in WP Socio WP Telegram Widget and Join Link wptelegram-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Telegram Widget and Join Link: from n/a through <= 2.2.12.
CVE-2025-68588	2 Total-soft, Wordpress	2 Ts Poll, Wordpress	2026-04-27	4.3 Medium
Missing Authorization vulnerability in totalsoft TS Poll poll-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TS Poll: from n/a through <= 2.5.5.
CVE-2025-68587	1 Wordpress	1 Wordpress	2026-04-27	4.3 Medium
Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watu Quiz: from n/a through <= 3.4.5.
CVE-2025-68583	1 Wordpress	1 Wordpress	2026-04-27	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Tikweb Management Fast User Switching fast-user-switching allows Cross Site Request Forgery.This issue affects Fast User Switching: from n/a through <= 1.4.10.
CVE-2025-68582	2 Funnelforms, Wordpress	3 Funnelforms, Funnelforms Free, Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in Funnelforms Funnelforms Free funnelforms-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Funnelforms Free: from n/a through <= 3.8.
CVE-2025-68581	1 Wordpress	1 Wordpress	2026-04-27	5.4 Medium
Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-builders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH Slider for page builders: from n/a through <= 1.0.11.
CVE-2025-68580	2 Pluginsware, Wordpress	2 Advanced Classifieds & Directory Pro, Wordpress	2026-04-27	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory Pro advanced-classifieds-and-directory-pro allows Cross Site Request Forgery.This issue affects Advanced Classifieds & Directory Pro: from n/a through <= 3.2.9.
CVE-2025-68579	1 Wordpress	1 Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in FolioVision FV Simpler SEO fv-all-in-one-seo-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FV Simpler SEO: from n/a through <= 1.9.6.
CVE-2025-68578	1 Wordpress	1 Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in Addonify Addonify addonify-quick-view allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify: from n/a through <= 2.0.4.
CVE-2025-68577	1 Wordpress	1 Wordpress	2026-04-27	4.3 Medium
Missing Authorization vulnerability in Virusdie Virusdie virusdie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Virusdie: from n/a through <= 1.1.6.
CVE-2025-58942	2 Axiomthemes, Wordpress	2 Dwell, Wordpress	2026-04-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Dwell dwell allows PHP Local File Inclusion.This issue affects Dwell: from n/a through <= 1.7.0.
CVE-2025-68572	2 Spider-themes, Wordpress	2 Bbp Core, Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in Spider Themes BBP Core bbp-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BBP Core: from n/a through <= 1.4.1.
CVE-2025-68571	2 Salesmanago, Wordpress	2 Salesmanago, Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in SALESmanago SALESmanago & Leadoo salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago & Leadoo: from n/a through <= 3.9.0.
CVE-2025-68570	1 Wordpress	1 Wordpress	2026-04-27	7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Blind SQL Injection.This issue affects Captivate Sync: from n/a through <= 3.2.2.
CVE-2025-68569	2 Codepeople, Wordpress	2 Wp Time Slots Booking Form, Wordpress	2026-04-27	6.5 Medium
Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through <= 1.2.39.
CVE-2025-68567	2 Wordpress, Wphocus	2 Wordpress, My Auctions Allegro	2026-04-27	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Cross Site Request Forgery.This issue affects My auctions allegro: from n/a through <= 3.6.33.
CVE-2025-68565	1 Wordpress	1 Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through <= 2.1.3.
CVE-2025-68564	2 Sendy, Wordpress	2 Sendy, Wordpress	2026-04-27	6.5 Medium
Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through <= 3.4.2.

« first previous Page 228 of 17355. next last »