Search

Expected end of text, found ':' (at char 25), (line:1, col:26)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (329486 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-24356 1 Wordpress 1 Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in Roxnor GetGenie getgenie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetGenie: from n/a through <= 4.3.0.
CVE-2026-24367 1 Wordpress 1 Wordpress 2026-01-23 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through < 3.2.8.
CVE-2026-22466 2 Chandnipatel, Wordpress 2 Wp Mapit, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in Chandni Patel WP MapIt wp-mapit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP MapIt: from n/a through <= 3.0.3.
CVE-2026-22358 2 Smartdatasoft, Wordpress 2 Electrician - Electrical Service Wordpress, Wordpress 2026-01-23 N/A
Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft Electrician - Electrical Service WordPress electrician allows Server Side Request Forgery.This issue affects Electrician - Electrical Service WordPress: from n/a through <= 5.6.
CVE-2025-69316 1 Wordpress 1 Wordpress 2026-01-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 TableOn posts-table-filterable allows Reflected XSS.This issue affects TableOn: from n/a through <= 1.0.4.2.
CVE-2026-23976 2 Wordpress, Wpchill 2 Wordpress, Modula Image Gallery 2026-01-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Modula Image Gallery modula-best-grid-gallery allows Stored XSS.This issue affects Modula Image Gallery: from n/a through <= 2.13.4.
CVE-2026-22481 1 Wordpress 1 Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in Rasedul Haque Rumi BD Courier Order Ratio Checker bd-courier-order-ratio-checker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BD Courier Order Ratio Checker: from n/a through <= 2.0.1.
CVE-2025-69188 2 E-plugins, Wordpress 2 Fitness Trainer, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in e-plugins fitness-trainer fitness-trainer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fitness-trainer: from n/a through <= 1.7.1.
CVE-2026-22411 2 Mikado-themes, Wordpress 2 Dolcino, Wordpress 2026-01-23 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Dolcino dolcino allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dolcino: from n/a through <= 1.6.
CVE-2026-22388 1 Wordpress 1 Wordpress 2026-01-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Imran Emu Owl Carousel WP owl-carousel-wp allows Stored XSS.This issue affects Owl Carousel WP: from n/a through <= 2.2.2.
CVE-2026-22445 1 Wordpress 1 Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in Proptech Plugin Apimo Connector apimo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Apimo Connector: from n/a through <= 2.6.4.
CVE-2025-69181 2 E-plugins, Wordpress 2 Lawyer Directory, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in e-plugins Lawyer Directory lawyer-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lawyer Directory: from n/a through <= 1.3.4.
CVE-2026-24358 2 Expresstech, Wordpress 2 Quiz And Survey Master, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.3.
CVE-2025-69182 2 E-plugins, Wordpress 2 Institutions Directory, Wordpress 2026-01-23 N/A
Incorrect Privilege Assignment vulnerability in e-plugins Institutions Directory institutions-directory allows Privilege Escalation.This issue affects Institutions Directory: from n/a through <= 1.3.4.
CVE-2026-22393 2 Mikado-themes, Wordpress 2 Curly, Wordpress 2026-01-23 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Curly curly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Curly: from n/a through <= 3.3.
CVE-2024-30406 2 Juniper, Juniper Networks 13 Acx5448, Acx5448-d, Acx5448-m and 10 more 2026-01-23 5.5 Medium
A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials. This issue affects only Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on these devices from 23.1R1-EVO through 23.2R2-EVO.  This issue does not affect releases before 23.1R1-EVO.
CVE-2026-24354 1 Wordpress 1 Wordpress 2026-01-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Shortcodes & Performance penci-shortcodes allows DOM-Based XSS.This issue affects Penci Shortcodes & Performance: from n/a through <= 6.1.
CVE-2025-69187 2 E-plugins, Wordpress 2 Final User, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in e-plugins Final User final-user allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Final User: from n/a through <= 1.2.5.
CVE-2026-22396 2 Mikado-themes, Wordpress 2 Fiorello, Wordpress 2026-01-23 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Fiorello fiorello allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fiorello: from n/a through <= 1.0.
CVE-2026-22461 2 Webappick, Wordpress 2 Ctx Feed, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in WebAppick CTX Feed webappick-product-feed-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CTX Feed: from n/a through <= 6.6.18.