Search

Expected end of text, found '.' (at char 45), (line:1, col:46)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346620 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-39653 2 Imdpen, Wordpress 2 Video Conferencing With Zoom, Wordpress 2026-04-24 4.3 Medium
Missing Authorization vulnerability in Deepen Bajracharya Video Conferencing with Zoom video-conferencing-with-zoom-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Conferencing with Zoom: from n/a through <= 4.6.6.
CVE-2026-23349 1 Linux 1 Linux Kernel 2026-04-24 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits from ffbit
CVE-2026-39657 2 Leadlovers, Wordpress 2 Leadlovers Forms, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in leadlovers leadlovers forms leadlovers-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects leadlovers forms: from n/a through <= 1.0.2.
CVE-2026-39660 2 Automattic, Wordpress 2 Wp Job Manager, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a through <= 2.4.1.
CVE-2026-39663 2 Themetechmount, Wordpress 2 Truebooker, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.5.
CVE-2026-39666 2 Telepathy, Wordpress 2 Hello Bar Popup Builder, Wordpress 2026-04-24 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through <= 1.5.1.
CVE-2026-39672 2 Shiptime, Wordpress 2 Shiptime: Discounted Shipping Rates, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in shiptime ShipTime: Discounted Shipping Rates shiptime-discount-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShipTime: Discounted Shipping Rates: from n/a through <= 1.1.1.
CVE-2026-39679 2 Apustheme, Wordpress 2 Freeio, Wordpress 2026-04-24 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Freeio freeio allows PHP Local File Inclusion.This issue affects Freeio: from n/a through <= 1.3.21.
CVE-2026-39680 2 Mwp Development, Wordpress 2 Diet Calorie Calculator, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in MWP Development Diet Calorie Calculator diet-calorie-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Diet Calorie Calculator: from n/a through <= 1.1.1.
CVE-2026-39681 2 Apustheme, Wordpress 2 Homeo, Wordpress 2026-04-24 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Homeo homeo allows PHP Local File Inclusion.This issue affects Homeo: from n/a through <= 1.2.59.
CVE-2026-39668 2 G5theme, Wordpress 2 Book Previewer For Woocommerce, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through <= 1.0.6.
CVE-2026-39677 2 Creatives Planet, Wordpress 2 Emphires, Wordpress 2026-04-24 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Emphires emphires allows PHP Local File Inclusion.This issue affects Emphires: from n/a through <= 3.9.
CVE-2026-39665 2 Vladimir Prelovac, Wordpress 2 Seo Friendly Images, Wordpress 2026-04-24 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vladimir Prelovac SEO Friendly Images seo-image allows DOM-Based XSS.This issue affects SEO Friendly Images: from n/a through <= 3.0.5.
CVE-2026-39671 2 Dotstore, Wordpress 2 Extra Fees Plugin For Woocommerce, Wordpress 2026-04-24 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Dotstore Extra Fees Plugin for WooCommerce woo-conditional-product-fees-for-checkout allows Cross Site Request Forgery.This issue affects Extra Fees Plugin for WooCommerce: from n/a through <= 4.3.3.
CVE-2026-39670 2 Brecht, Wordpress 2 Visual Link Preview, Wordpress 2026-04-24 6 Medium
Server-Side Request Forgery (SSRF) vulnerability in Brecht Visual Link Preview visual-link-preview allows Server Side Request Forgery.This issue affects Visual Link Preview: from n/a through <= 2.3.0.
CVE-2026-39682 2 Arjan Pronk, Wordpress 2 Linkpizza-manager, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in Arjan Pronk linkPizza-Manager linkpizza-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects linkPizza-Manager: from n/a through <= 5.5.5.
CVE-2026-39662 2 Prowcplugins, Wordpress 2 Product Price By Formula For Woocommerce, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Price by Formula for WooCommerce: from n/a through <= 2.5.6.
CVE-2026-39664 2 Leadrebel, Wordpress 2 Leadrebel, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in leadrebel Leadrebel leadrebel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadrebel: from n/a through <= 1.0.2.
CVE-2026-39667 2 Jongmyoung Kim, Wordpress 2 Korea Sns, Wordpress 2026-04-24 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jongmyoung Kim Korea SNS korea-sns allows DOM-Based XSS.This issue affects Korea SNS: from n/a through <= 1.7.0.
CVE-2026-39674 2 Manoj Kumar, Wordpress 2 Mk Google Directions, Wordpress 2026-04-24 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Manoj Kumar MK Google Directions google-distance-calculator allows DOM-Based XSS.This issue affects MK Google Directions: from n/a through <= 3.1.1.