Search

Expected end of text, found '.' (at char 10), (line:1, col:11)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (326416 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-63004 2 Skynet Technologies, Wordpress 2 All In One Accessibility, Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Skynet Technologies USA LLC All in One Accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All in One Accessibility: from n/a through 1.14.
CVE-2025-66154 2 Merkulove, Wordpress 2 Couponer For Elementor, Wordpress 2026-01-05 5.4 Medium
Missing Authorization vulnerability in merkulove Couponer for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Couponer for Elementor: from n/a through 1.1.7.
CVE-2025-62132 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Strategy11 Team Tasty Recipes Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tasty Recipes Lite: from n/a through 1.1.5.
CVE-2025-62115 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in ThemeBoy Hide Plugins allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hide Plugins: from n/a through 1.0.4.
CVE-2025-62131 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Strategy11 Team Tasty Recipes Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tasty Recipes Lite: from n/a through 1.1.5.
CVE-2025-62989 2 Boxystudio, Wordpress 2 Cooked, Wordpress 2026-01-05 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Boxy Studio Cooked allows Stored XSS.This issue affects Cooked: from n/a through 1.11.2.
CVE-2025-62088 2 Extendons, Wordpress 2 Wordpress & Woocommerce Scraper Plugin, Wordpress 2026-01-05 5.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in extendons WordPress & WooCommerce Scraper Plugin, Import Data from Any Site allows Server Side Request Forgery.This issue affects WordPress & WooCommerce Scraper Plugin, Import Data from Any Site: from n/a through 1.0.7.
CVE-2025-66158 2 Merkulove, Wordpress 2 Gmaper For Elementor, Wordpress 2026-01-05 5.4 Medium
Missing Authorization vulnerability in merkulove Gmaper for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gmaper for Elementor: from n/a through 1.0.9.
CVE-2025-62101 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Omid Shamloo Pardakht Delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through 3.0.0.
CVE-2025-49337 2 Janhenckens, Wordpress 2 Dashboard Beacon, Wordpress 2026-01-05 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in janhenckens Dashboard Beacon allows Stored XSS.This issue affects Dashboard Beacon: from n/a through 1.2.0.
CVE-2025-66159 2 Merkulove, Wordpress 2 Walker For Elementor, Wordpress 2026-01-05 5.4 Medium
Missing Authorization vulnerability in merkulove Walker for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Walker for Elementor: from n/a through 1.1.6.
CVE-2025-66157 2 Merkulove, Wordpress 2 Slider For Elementor, Wordpress 2026-01-05 5.4 Medium
Missing Authorization vulnerability in merkulove Slider for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider for Elementor: from n/a through 1.0.10.
CVE-2025-62123 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Ink themes WP Gmail SMTP allows Cross Site Request Forgery.This issue affects WP Gmail SMTP: from n/a through 1.0.7.
CVE-2025-49339 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Digages Direct Payments WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Direct Payments WP: from n/a through 1.3.0.
CVE-2025-49340 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Digages Direct Payments WP allows Retrieve Embedded Sensitive Data.This issue affects Direct Payments WP: from n/a through 1.3.0.
CVE-2025-66156 2 Merkulove, Wordpress 2 Watcher For Elementor, Wordpress 2026-01-05 5.4 Medium
Missing Authorization vulnerability in merkulove Watcher for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watcher for Elementor: from n/a through 1.0.9.
CVE-2025-62083 2 Wordpress, Wp Messiah 2 Wordpress, Wordpress Coming Soon Plugin 2026-01-05 4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Messiah BoomDevs WordPress Coming Soon Plugin allows Retrieve Embedded Sensitive Data.This issue affects BoomDevs WordPress Coming Soon Plugin: from n/a through 1.0.4.
CVE-2025-63021 1 Wordpress 1 Wordpress 2026-01-05 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codetipi Valenti Engine allows DOM-Based XSS.This issue affects Valenti Engine: from n/a through 1.0.3.
CVE-2025-62874 1 Wordpress 1 Wordpress 2026-01-05 4.3 Medium
Missing Authorization vulnerability in Alexander AnyComment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyComment: from n/a through 0.3.6.
CVE-2025-53235 1 Wordpress 1 Wordpress 2026-01-05 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osuthorpe Easy Social allows Reflected XSS.This issue affects Easy Social: from n/a through 1.3.