Search
Search Results (360502 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69104 | 2 Jkdevstudio, Wordpress | 2 Qreatix, Wordpress | 2026-06-23 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Qreatix <= 1.9.4 versions. | ||||
| CVE-2025-69107 | 2 Themerex, Wordpress | 2 Rosaleen, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Rosaleen <= 2.8 versions. | ||||
| CVE-2025-69108 | 2 Themerex, Wordpress | 2 Hot Coffee, Wordpress | 2026-06-23 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Hot Coffee <= 1.7 versions. | ||||
| CVE-2025-69109 | 2 Themerex, Wordpress | 2 Raider Spirit, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Raider Spirit <= 1.1.2 versions. | ||||
| CVE-2025-69119 | 2 Themerex, Wordpress | 2 Corbesier, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Corbesier <= 1.15.0 versions. | ||||
| CVE-2025-69121 | 2 Themerex, Wordpress | 2 Deliciosa, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Deliciosa <= 1.10.0 versions. | ||||
| CVE-2025-69122 | 2 Themerex, Wordpress | 2 Seafood Company, Wordpress | 2026-06-23 | 9.8 Critical |
| Unauthenticated PHP Object Injection in SeaFood Company <= 1.4 versions. | ||||
| CVE-2025-69125 | 2 Themerex, Wordpress | 2 Food Drop, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Food Drop <= 1.3 versions. | ||||
| CVE-2025-69131 | 2 Extendons, Wordpress | 2 Wordpress & Woocommerce Scraper Plugin, Import Data From Any Site, Wordpress | 2026-06-23 | 7.5 High |
| Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site <= 1.0.7 versions. | ||||
| CVE-2025-69136 | 2 Themelogi, Wordpress | 2 Wanium, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Wanium <= 1.9.8 versions. | ||||
| CVE-2025-69137 | 2 Jthemes, Wordpress | 2 Genemy, Wordpress | 2026-06-23 | 6.5 Medium |
| Subscriber Broken Access Control in Genemy <= 1.6.6 versions. | ||||
| CVE-2025-69141 | 2 Themerex, Wordpress | 2 Kelly Young, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Kelly Young <= 1.1.0 versions. | ||||
| CVE-2025-69149 | 2 Themerex, Wordpress | 2 Top Dog, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Top Dog <= 1.0.5 versions. | ||||
| CVE-2025-69177 | 2 Themelogi, Wordpress | 2 Roneous, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions. | ||||
| CVE-2025-69178 | 2 Cactusthemes, Wordpress | 2 Truemag, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions. | ||||
| CVE-2026-27429 | 2 Boldthemes, Wordpress | 2 Nifty, Wordpress | 2026-06-23 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions. | ||||
| CVE-2026-34893 | 2 Webgeniuslab, Wordpress | 2 Thegov Core, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions. | ||||
| CVE-2026-34894 | 2 Webgeniuslab, Wordpress | 2 Integrio Core, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions. | ||||
| CVE-2026-56346 | 2 Avideo, Wwbn | 2 Avideo, Avideo | 2026-06-23 | 6.5 Medium |
| AVideo through version 25.0 contains an authentication bypass vulnerability in the decryptMessage.json.php endpoint that allows unauthenticated users to decrypt PGP messages. Remote attackers can submit private keys, ciphertext, and passphrases to perform server-side decryption without credentials, exposing key material to logs and enabling resource exhaustion attacks. | ||||
| CVE-2026-56120 | 2026-06-23 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it's a duplicate of CVE-2026-56784. | ||||