CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 10010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10010 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-66058	2 Pickplugins, Wordpress	2 Post Grid, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.17.
CVE-2025-64296	3 Facebook, Woocommerce, Wordpress	3 Facebook For Woocommerce, Woocommerce, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Facebook Facebook for WooCommerce facebook-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Facebook for WooCommerce: from n/a through <= 3.5.7.
CVE-2025-64294	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in d3wp WP Snow Effect wp-snow-effect allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Snow Effect: from n/a through <= 1.1.19.
CVE-2025-63038	2 Northern Beaches Websites, Wordpress	2 Wp Custom Admin Interface, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through <= 7.40.
CVE-2025-63031	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in WP Grids EasyTest convertpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EasyTest: from n/a through <= 1.0.1.
CVE-2025-63022	2 Illia, Wordpress	2 Simple Like Page, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in topdevs.net Simple Like Page simple-facebook-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Like Page: from n/a through <= 1.5.3.
CVE-2025-63016	2 Quadlayers, Wordpress	2 Tiktok Feed, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in quadlayers QuadLayers TikTok Feed wp-tiktok-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QuadLayers TikTok Feed: from n/a through <= 4.6.5.
CVE-2025-63004	2 Skynet Technologies, Wordpress	2 All In One Accessibility, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Skynet Technologies USA LLC All in One Accessibility all-in-one-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All in One Accessibility: from n/a through <= 1.15.
CVE-2025-63002	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in wpforchurch Sermon Manager sermon-manager-for-wordpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sermon Manager: from n/a through <= 2.30.0.
CVE-2025-63001	2 Nicdark, Wordpress	2 Hotel Booking, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in nicdark Hotel Booking nd-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Booking: from n/a through <= 3.8.
CVE-2025-62961	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in sparklewpthemes Sparkle FSE sparkle-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sparkle FSE: from n/a through <= 1.0.9.
CVE-2025-62960	2 Sparkle Wp, Wordpress	2 Construction Light, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in sparklewpthemes Construction Light construction-light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Construction Light: from n/a through <= 1.6.7.
CVE-2025-62888	2 Marcomilesi, Wordpress	2 Wp Attachments, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Marco Milesi WP Attachments wp-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Attachments: from n/a through <= 5.2.
CVE-2025-62874	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Alexander AnyComment anycomment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyComment: from n/a through <= 0.3.6.
CVE-2025-62755	2 Gsplugins, Wordpress	2 Gs Portfolio For Envato, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in GS Plugins GS Portfolio for Envato gs-envato-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Portfolio for Envato: from n/a through <= 1.4.2.
CVE-2025-62751	2 Extendthemes, Wordpress	2 Vireo, Wordpress	2026-04-01	8.8 High
Missing Authorization vulnerability in extendthemes Vireo vireo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Vireo: from n/a through <= 1.0.24.
CVE-2025-62747	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Aum Watcharapon Featured Image Generator featured-image-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image Generator: from n/a through <= 1.3.4.
CVE-2025-62154	2 Recorp, Wordpress	2 Ai Content Writing Assistant, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in recorp AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One ai-content-writing-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One: from n/a through <= 1.1.7.
CVE-2025-62150	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in themesawesome History Timeline timeline-awesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects History Timeline: from n/a through <= 1.0.6.
CVE-2025-62147	2 Realbig, Wordpress	2 Realbig, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in nikmelnik Realbig realbig-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through <= 1.1.3.

« first previous Page 9 of 501. next last »