Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (77145 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-32495 2 Linksoftwarellc, Wordpress 2 Wp Terms Popup, Wordpress 2026-03-30 7.5 High
Missing Authorization vulnerability in Link Software LLC WP Terms Popup wp-terms-popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Terms Popup: from n/a through <= 2.10.0.
CVE-2026-27087 2 G5theme, Wordpress 2 Wolverine Framework, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Wolverine Framework wolverine-framework allows Reflected XSS.This issue affects Wolverine Framework: from n/a through <= 1.9.
CVE-2026-32542 2 Themefusion, Wordpress 2 Fusion Builder, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-27088 2 G5theme, Wordpress 2 Darna Framework, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Darna Framework darna-framework allows Reflected XSS.This issue affects Darna Framework: from n/a through <= 2.9.
CVE-2026-32531 2 Gavias, Wordpress 2 Kunco, Wordpress 2026-03-30 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kunco kunco allows PHP Local File Inclusion.This issue affects Kunco: from n/a through < 1.4.5.
CVE-2026-24975 2 Nootheme, Wordpress 2 Organici Library, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Organici Library noo-organici-library allows Reflected XSS.This issue affects Organici Library: from n/a through <= 2.1.2.
CVE-2026-24981 2 Nootheme, Wordpress 2 Visionary Core, Wordpress 2026-03-30 8.8 High
Deserialization of Untrusted Data vulnerability in NooTheme Visionary Core noo-visionary-core allows Object Injection.This issue affects Visionary Core: from n/a through <= 1.4.9.
CVE-2026-25002 2 Thimpress, Wordpress 2 Learnpress – Sepay Payment, Wordpress 2026-03-30 7.5 High
Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress &#8211; Sepay Payment learnpress-sepay-payment allows Authentication Abuse.This issue affects LearnPress &#8211; Sepay Payment: from n/a through <= 4.0.0.
CVE-2026-27045 2 Sbthemes, Wordpress 2 Woocommerce Infinite Scroll, Wordpress 2026-03-30 8.8 High
Deserialization of Untrusted Data vulnerability in sbthemes WooCommerce Infinite Scroll sb-woocommerce-infinite-scroll allows Object Injection.This issue affects WooCommerce Infinite Scroll: from n/a through <= 1.6.2.
CVE-2026-24373 2 Metagauss, Wordpress 2 Registrationmagic, Wordpress 2026-03-30 8.1 High
Incorrect Privilege Assignment vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Privilege Escalation.This issue affects RegistrationMagic: from n/a through <= 6.0.7.1.
CVE-2026-27048 2 Elated-themes, Wordpress 2 The Aisle Core, Wordpress 2026-03-30 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes The Aisle Core theaisle-core allows PHP Local File Inclusion.This issue affects The Aisle Core: from n/a through <= 2.0.5.
CVE-2026-27079 2 Mikado-themes, Wordpress 2 Amfissa, Wordpress 2026-03-30 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Amfissa amfissa allows PHP Local File Inclusion.This issue affects Amfissa: from n/a through <= 1.1.
CVE-2026-25350 2 Skygroup, Wordpress 2 Miti, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Miti miti allows Reflected XSS.This issue affects Miti: from n/a through < 1.5.3.
CVE-2026-25026 2 Radiustheme, Wordpress 2 Team, Wordpress 2026-03-30 7.5 High
Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.11.
CVE-2026-25358 2 Rascals, Wordpress 2 Meloo, Wordpress 2026-03-30 8.8 High
Deserialization of Untrusted Data vulnerability in rascals Meloo meloo allows Object Injection.This issue affects Meloo: from n/a through < 2.8.2.
CVE-2026-27073 2 Addi, Wordpress 2 Addi – Cuotas Que Se Adaptan A Ti, Wordpress 2026-03-30 7.5 High
Use of Hard-coded Credentials vulnerability in Addi Addi &#8211; Cuotas que se adaptan a ti buy-now-pay-later-addi allows Password Recovery Exploitation.This issue affects Addi &#8211; Cuotas que se adaptan a ti: from n/a through <= 2.0.4.
CVE-2026-32503 2 Creativews, Wordpress 2 Trendustry, Wordpress 2026-03-30 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS Trendustry trendustry allows PHP Local File Inclusion.This issue affects Trendustry: from n/a through <= 1.1.4.
CVE-2026-27076 2 Mikado-themes, Wordpress 2 Luxedrive, Wordpress 2026-03-30 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes LuxeDrive luxedrive allows PHP Local File Inclusion.This issue affects LuxeDrive: from n/a through <= 1.0.
CVE-2026-32515 2 Kamleshyadav, Wordpress 2 Miraculous, Wordpress 2026-03-30 7.5 High
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.1.2.
CVE-2026-24983 2 Upsolution, Wordpress 2 Upsolution Core, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UpSolution UpSolution Core us-core allows Reflected XSS.This issue affects UpSolution Core: from n/a through <= 8.41.