Search

Expected end of text, found '/' (at char 38), (line:1, col:39)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341935 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-66151 2 Merkulove, Wordpress 2 Countdowner For Elementor, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in merkulove Countdowner for Elementor countdowner-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Countdowner for Elementor: from n/a through <= 1.0.4.
CVE-2025-66150 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in merkulove Appender appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through <= 1.1.1.
CVE-2025-66149 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in merkulove UnGrabber ungrabber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UnGrabber: from n/a through <= 3.1.3.
CVE-2025-66148 2 Merkulove, Wordpress 2 Conformer For Elementor, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in merkulove Conformer for Elementor conformer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conformer for Elementor: from n/a through <= 1.0.7.
CVE-2025-66146 2 Merkulove, Wordpress 2 Logger For Elementor, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in merkulove Logger for Elementor logger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Logger for Elementor: from n/a through <= 1.0.9.
CVE-2025-66145 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in merkulove Worker for WPBakery worker-wpbakery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Worker for WPBakery: from n/a through <= 1.1.1.
CVE-2025-66144 2 Merkulove, Wordpress 2 Worker For Elementor, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in merkulove Worker for Elementor worker-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Worker for Elementor: from n/a through <= 1.0.10.
CVE-2025-66103 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in revmakx WPCal.io wpcal allows DOM-Based XSS.This issue affects WPCal.io: from n/a through <= 0.9.5.9.
CVE-2025-66094 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dmccan Yada Wiki yada-wiki allows Stored XSS.This issue affects Yada Wiki: from n/a through <= 3.5.
CVE-2025-66080 2 Wordpress, Wp Legal Pages 2 Wordpress, Wp Cookie Notice 2026-04-01 N/A
Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through <= 4.0.3.
CVE-2025-66058 2 Pickplugins, Wordpress 2 Post Grid, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.17.
CVE-2025-64355 2 Crocoblock, Wordpress 2 Jetelements For Elementor, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows DOM-Based XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.12.
CVE-2025-64296 3 Facebook, Woocommerce, Wordpress 3 Facebook For Woocommerce, Woocommerce, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Facebook Facebook for WooCommerce facebook-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Facebook for WooCommerce: from n/a through <= 3.5.7.
CVE-2025-64294 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in d3wp WP Snow Effect wp-snow-effect allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Snow Effect: from n/a through <= 1.1.19.
CVE-2025-64293 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Golemiq 0 Day Analytics 0-day-analytics allows SQL Injection.This issue affects 0 Day Analytics: from n/a through <= 4.0.0.
CVE-2025-64282 1 Wordpress 1 Wordpress 2026-04-01 N/A
Authorization Bypass Through User-Controlled Key vulnerability in RadiusTheme Radius Blocks radius-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Radius Blocks: from n/a through <= 2.2.1.
CVE-2025-64190 2 8theme, Wordpress 2 Xstore Core, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through < 5.6.
CVE-2025-63065 2 Davidlingren, Wordpress 2 Media Library Assistant, Wordpress 2026-04-01 5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media LIbrary Assistant: from n/a through <= 3.29.
CVE-2025-63053 2 Jeweltheme, Wordpress 2 Master Addons For Elementor, Wordpress 2026-04-01 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Master Addons for Elementor: from n/a through <= 2.0.9.9.4.
CVE-2025-63043 2 Pickplugins, Wordpress 2 Post Grid, Wordpress 2026-04-01 N/A
Authorization Bypass Through User-Controlled Key vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.23.