Search

Expected end of text, found '.' (at char 22), (line:1, col:23)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (336512 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-27383 2 Radiustheme, Wordpress 2 Metro, Wordpress 2026-03-06 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Metro metro allows PHP Local File Inclusion.This issue affects Metro: from n/a through <= 2.13.
CVE-2026-27384 2 Boldgrid, Wordpress 2 W3 Total Cache, Wordpress 2026-03-06 N/A
Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through <= 2.9.1.
CVE-2026-27386 2 Designthemes, Wordpress 2 Designthemes Directory Addon, Wordpress 2026-03-06 N/A
Missing Authorization vulnerability in designthemes DesignThemes Directory Addon designthemes-directory-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Directory Addon: from n/a through <= 1.8.
CVE-2026-27388 2 Designthemes, Wordpress 2 Designthemes Booking Manager, Wordpress 2026-03-06 N/A
Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through <= 2.0.
CVE-2026-27389 2 Designthemes, Wordpress 2 Wedesigntech Ultimate Booking Addon, Wordpress 2026-03-06 N/A
Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through <= 1.0.1.
CVE-2026-27390 2 Designthemes, Wordpress 2 Wedesigntech Ultimate Booking Addon, Wordpress 2026-03-06 N/A
Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through <= 1.0.1.
CVE-2026-27396 2 E-plugins, Wordpress 2 Directory Pro, Wordpress 2026-03-06 N/A
Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through <= 2.5.6.
CVE-2026-27406 2 Joe Dolson, Wordpress 2 My Tickets, Wordpress 2026-03-06 N/A
Insertion of Sensitive Information Into Sent Data vulnerability in Joe Dolson My Tickets my-tickets allows Retrieve Embedded Sensitive Data.This issue affects My Tickets: from n/a through <= 2.1.0.
CVE-2026-27411 2 Jp-secure, Wordpress 2 Siteguard Wp Plugin, Wordpress 2026-03-06 N/A
Guessable CAPTCHA vulnerability in jp-secure SiteGuard WP Plugin siteguard allows Functionality Bypass.This issue affects SiteGuard WP Plugin: from n/a through <= 1.7.9.
CVE-2026-27428 2 Eagle-themes, Wordpress 2 Eagle Booking, Wordpress 2026-03-06 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eagle-Themes Eagle Booking eagle-booking allows SQL Injection.This issue affects Eagle Booking: from n/a through <= 1.3.4.3.
CVE-2026-28561 2 Gvectors, Wordpress 2 Wpforo Forum, Wordpress 2026-03-06 5.5 Medium
wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows administrators to inject persistent JavaScript via forum description fields echoed without output escaping across multiple theme template files. On multisite installations or with a compromised admin account, attackers set a forum description containing HTML event handlers that execute when any user views the forum listing.
CVE-2026-27438 2 Themerex, Wordpress 2 Kingler, Wordpress 2026-03-06 N/A
Deserialization of Untrusted Data vulnerability in ThemeREX Kingler kingler allows Object Injection.This issue affects Kingler: from n/a through <= 1.7.
CVE-2026-27541 2 Josh Kohlbach, Wordpress 2 Wholesale Suite, Wordpress 2026-03-06 N/A
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through <= 2.2.6.
CVE-2026-27984 2 Marketingfire, Wordpress 2 Widget-options, Wordpress 2026-03-06 N/A
Improper Control of Generation of Code ('Code Injection') vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through <= 4.1.3.
CVE-2026-27986 2 Themerex, Wordpress 2 Ostende, Wordpress 2026-03-06 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX OsTende ostende allows PHP Local File Inclusion.This issue affects OsTende: from n/a through <= 1.4.3.
CVE-2026-27988 2 Themerex, Wordpress 2 Equadio, Wordpress 2026-03-06 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Equadio equadio allows PHP Local File Inclusion.This issue affects Equadio: from n/a through <= 1.1.3.
CVE-2026-27990 2 Themerex, Wordpress 2 Confix, Wordpress 2026-03-06 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX ConFix confix allows PHP Local File Inclusion.This issue affects ConFix: from n/a through <= 1.013.
CVE-2026-27992 2 Themerex, Wordpress 2 Meals & Wheels, Wordpress 2026-03-06 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Meals & Wheels meals-wheels allows PHP Local File Inclusion.This issue affects Meals & Wheels: from n/a through <= 1.1.12.
CVE-2026-27994 2 Themerex, Wordpress 2 Tediss, Wordpress 2026-03-06 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Tediss tediss allows PHP Local File Inclusion.This issue affects Tediss: from n/a through <= 1.2.4.
CVE-2026-27996 2 Themerex, Wordpress 2 Lingvico, Wordpress 2026-03-06 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Lingvico lingvico allows PHP Local File Inclusion.This issue affects Lingvico: from n/a through <= 1.0.14.