Search

Expected end of text, found '.' (at char 17), (line:1, col:18)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (326182 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-59138 1 Wordpress 1 Wordpress 2026-01-05 4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in Jthemes Genemy allows Server Side Request Forgery.This issue affects Genemy: from n/a through 1.6.6.
CVE-2025-49356 3 Mykola Lukin, Woocommerce, Wordpress 3 Orders Chat For Woocommerce, Woocommerce, Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Mykola Lukin Orders Chat for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Orders Chat for WooCommerce: from n/a through 1.2.0.
CVE-2025-62089 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in MERGADO Mergado Pack allows Cross Site Request Forgery.This issue affects Mergado Pack: from n/a through 4.2.0.
CVE-2025-62751 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Extend Themes Vireo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Vireo: from n/a through 1.0.24.
CVE-2025-63040 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Post Snippets allows Cross Site Request Forgery.This issue affects Post Snippets: from n/a through 4.0.11.
CVE-2025-62099 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Approveme Signature Add-On for Gravity Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Signature Add-On for Gravity Forms: from n/a through 1.8.6.
CVE-2025-59135 1 Wordpress 1 Wordpress 2026-01-05 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eLEOPARD Behance Portfolio Manager allows Stored XSS.This issue affects Behance Portfolio Manager: from n/a through 1.7.5.
CVE-2025-63004 2 Skynet Technologies, Wordpress 2 All In One Accessibility, Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Skynet Technologies USA LLC All in One Accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All in One Accessibility: from n/a through 1.14.
CVE-2025-66154 2 Merkulove, Wordpress 2 Couponer For Elementor, Wordpress 2026-01-05 5.4 Medium
Missing Authorization vulnerability in merkulove Couponer for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Couponer for Elementor: from n/a through 1.1.7.
CVE-2025-62133 2 Manidoraisamy, Wordpress 2 Formfacade, Wordpress 2026-01-05 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Manidoraisamy FormFacade allows Cross Site Request Forgery.This issue affects FormFacade: from n/a through 1.4.1.
CVE-2025-62132 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Strategy11 Team Tasty Recipes Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tasty Recipes Lite: from n/a through 1.1.5.
CVE-2025-62115 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in ThemeBoy Hide Plugins allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hide Plugins: from n/a through 1.0.4.
CVE-2025-62131 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Strategy11 Team Tasty Recipes Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tasty Recipes Lite: from n/a through 1.1.5.
CVE-2025-62989 2 Boxystudio, Wordpress 2 Cooked, Wordpress 2026-01-05 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Boxy Studio Cooked allows Stored XSS.This issue affects Cooked: from n/a through 1.11.2.
CVE-2025-62088 2 Extendons, Wordpress 2 Wordpress & Woocommerce Scraper Plugin, Wordpress 2026-01-05 5.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in extendons WordPress & WooCommerce Scraper Plugin, Import Data from Any Site allows Server Side Request Forgery.This issue affects WordPress & WooCommerce Scraper Plugin, Import Data from Any Site: from n/a through 1.0.7.
CVE-2025-66158 2 Merkulove, Wordpress 2 Gmaper For Elementor, Wordpress 2026-01-05 5.4 Medium
Missing Authorization vulnerability in merkulove Gmaper for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gmaper for Elementor: from n/a through 1.0.9.
CVE-2025-62101 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Omid Shamloo Pardakht Delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through 3.0.0.
CVE-2025-49337 2 Janhenckens, Wordpress 2 Dashboard Beacon, Wordpress 2026-01-05 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in janhenckens Dashboard Beacon allows Stored XSS.This issue affects Dashboard Beacon: from n/a through 1.2.0.
CVE-2025-66159 2 Merkulove, Wordpress 2 Walker For Elementor, Wordpress 2026-01-05 5.4 Medium
Missing Authorization vulnerability in merkulove Walker for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Walker for Elementor: from n/a through 1.1.6.
CVE-2025-66157 2 Merkulove, Wordpress 2 Slider For Elementor, Wordpress 2026-01-05 5.4 Medium
Missing Authorization vulnerability in merkulove Slider for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider for Elementor: from n/a through 1.0.10.