Search

Expected end of text, found '.' (at char 16), (line:1, col:17)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (329911 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-68058 2 E-plugins, Wordpress 2 Institutions Directory, Wordpress 2026-01-26 N/A
Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Institutions Directory: from n/a through <= 1.3..4.
CVE-2025-68059 1 Wordpress 1 Wordpress 2026-01-26 N/A
Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Listing: from n/a through <= 1.4.2.
CVE-2025-68507 2 Icegram, Wordpress 2 Icegram, Wordpress 2026-01-26 N/A
Missing Authorization vulnerability in Icegram Icegram icegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram: from n/a through <= 3.1.35.
CVE-2025-68538 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS.This issue affects Craft: from n/a through <= 2.3.6.
CVE-2025-68838 2 Expresstechsoftware, Wordpress 2 Memberpress Discord Addon, Wordpress 2026-01-26 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in expresstechsoftware MemberPress Discord Addon expresstechsoftwares-memberpress-discord-add-on allows Reflected XSS.This issue affects MemberPress Discord Addon: from n/a through <= 1.1.4.
CVE-2025-68839 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Remi Corson Easy Theme Options easy-theme-options allows Reflected XSS.This issue affects Easy Theme Options: from n/a through <= 1.0.
CVE-2025-68849 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Frank Corso Quote Master quote-master allows Reflected XSS.This issue affects Quote Master: from n/a through <= 7.1.1.
CVE-2025-68884 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arevico WP Simple Redirect wp-simple-redirect allows Reflected XSS.This issue affects WP Simple Redirect: from n/a through <= 1.1.
CVE-2025-68894 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shoutoutglobal ShoutOut shoutout allows Reflected XSS.This issue affects ShoutOut: from n/a through <= 4.0.2.
CVE-2025-68898 2 Cjjparadoxmax, Wordpress 2 Synergy Project Manager, Wordpress 2026-01-26 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cjjparadoxmax Synergy Project Manager synergy-project-manager allows Stored XSS.This issue affects Synergy Project Manager: from n/a through <= 1.5.
CVE-2025-68901 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AivahThemes Anona anona allows Path Traversal.This issue affects Anona: from n/a through <= 8.0.
CVE-2025-68902 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AivahThemes Anona anona allows Path Traversal.This issue affects Anona: from n/a through <= 8.0.
CVE-2025-68908 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in temash Barberry barberry allows PHP Local File Inclusion.This issue affects Barberry: from n/a through <= 2.9.9.87.
CVE-2025-68909 1 Wordpress 1 Wordpress 2026-01-26 N/A
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogistic blogistic allows Using Malicious Files.This issue affects Blogistic: from n/a through <= 1.0.5.
CVE-2025-68911 2 Solacewp, Wordpress 2 Solace, Wordpress 2026-01-26 N/A
Missing Authorization vulnerability in solacewp Solace solace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Solace: from n/a through <= 2.1.16.
CVE-2025-68913 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zozothemes Miion miion allows PHP Local File Inclusion.This issue affects Miion: from n/a through <= 1.2.7.
CVE-2025-68986 1 Wordpress 1 Wordpress 2026-01-26 N/A
Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Miion miion allows Upload a Web Shell to a Web Server.This issue affects Miion: from n/a through <= 1.2.7.
CVE-2025-69002 2 Designthemes, Wordpress 2 Onelife, Wordpress 2026-01-26 N/A
Deserialization of Untrusted Data vulnerability in designthemes OneLife onelife allows Object Injection.This issue affects OneLife: from n/a through <= 3.9.
CVE-2025-69004 3 Woocommerce, Wordpress, Xpeedstudio 3 Woocommerce, Wordpress, Bajaar - Highly Customizable Woocommerce Wordpress Theme 2026-01-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in XpeedStudio Bajaar - Highly Customizable WooCommerce WordPress Theme bajaar allows PHP Local File Inclusion.This issue affects Bajaar - Highly Customizable WooCommerce WordPress Theme: from n/a through <= 2.1.0.
CVE-2025-69005 2 Elated-themes, Wordpress 2 Search And Go Theme, Wordpress 2026-01-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Search & Go search-and-go allows PHP Local File Inclusion.This issue affects Search & Go: from n/a through <= 2.8.