Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9605 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-39553 1 Wordpress 1 Wordpress 2025-09-11 4.3 Medium
Missing Authorization vulnerability in andy_moyle Church Admin. This issue affects Church Admin: from n/a through 5.0.9.
CVE-2025-49860 2 Majesticsupport, Wordpress 2 Majestic Support, Wordpress 2025-09-11 5.3 Medium
Missing Authorization vulnerability in Majestic Support Majestic Support. This issue affects Majestic Support: from n/a through 1.1.0.
CVE-2025-53340 2 Getawesomesupport, Wordpress 2 Awesome Support, Wordpress 2025-09-11 5.3 Medium
Missing Authorization vulnerability in awesomesupport Awesome Support. This issue affects Awesome Support: from n/a through 6.3.4.
CVE-2025-47695 1 Wordpress 1 Wordpress 2025-09-11 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in solwin Blog Designer PRO. This issue affects Blog Designer PRO: from n/a through 3.4.7.
CVE-2025-39523 2 Goodbarber, Wordpress 2 Goodbarber, Wordpress 2025-09-11 4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in GoodBarber GoodBarber. This issue affects GoodBarber: from n/a through 1.0.26.
CVE-2025-47571 1 Wordpress 1 Wordpress 2025-09-11 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in highwarden Super Store Finder. This issue affects Super Store Finder: from n/a through 6.9.7.
CVE-2025-47570 2 Villatheme, Wordpress 2 Woocommerce Photo Reviews, Wordpress 2025-09-11 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in villatheme WooCommerce Photo Reviews. This issue affects WooCommerce Photo Reviews: from n/a through 1.3.13.
CVE-2025-49430 1 Wordpress 1 Wordpress 2025-09-11 7.2 High
Server-Side Request Forgery (SSRF) vulnerability in FWDesign Ultimate Video Player allows Server Side Request Forgery. This issue affects Ultimate Video Player: from n/a through 10.1.
CVE-2025-48101 2 Webdevstudios, Wordpress 2 Constant Contact For Wordpress, Wordpress 2025-09-11 8.8 High
Deserialization of Untrusted Data vulnerability in webdevstudios Constant Contact for WordPress allows Object Injection. This issue affects Constant Contact for WordPress: from n/a through 4.1.1.
CVE-2025-47569 3 Woocommerce, Wordpress, Wpswings 4 Gift Cards, Woocommerce, Wordpress and 1 more 2025-09-11 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPSwings WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates. This issue affects WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates: from n/a through 2.8.10.
CVE-2025-53291 1 Wordpress 1 Wordpress 2025-09-11 5.4 Medium
Missing Authorization vulnerability in spoddev2021 Spreadconnect. This issue affects Spreadconnect: from n/a through 2.1.5.
CVE-2025-58991 3 Cristiano Zanca, Woocommerce, Wordpress 3 Woocommerce Booking Bundle Hours, Woocommerce, Wordpress 2025-09-11 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Cristiano Zanca WooCommerce Booking Bundle Hours allows Stored XSS. This issue affects WooCommerce Booking Bundle Hours: from n/a through 0.7.4.
CVE-2025-58975 1 Wordpress 1 Wordpress 2025-09-11 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings allows Cross Site Request Forgery. This issue affects Advanced Settings: from n/a through 3.1.1.
CVE-2025-58976 1 Wordpress 1 Wordpress 2025-09-11 4.3 Medium
Missing Authorization vulnerability in Equalize Digital Accessibility Checker by Equalize Digital allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Checker by Equalize Digital: from n/a through 1.31.0.
CVE-2025-58977 2 Winwar, Wordpress 2 Wp Ebay Product Feeds, Wordpress 2025-09-11 4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in Rhys Wynne WP eBay Product Feeds allows Server Side Request Forgery. This issue affects WP eBay Product Feeds: from n/a through 3.4.8.
CVE-2025-58978 2 Wordpress, Wpswings 2 Wordpress, Pdf Generator For Wordpress 2025-09-11 5.3 Medium
Missing Authorization vulnerability in WP Swings PDF Generator for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF Generator for WordPress: from n/a through 1.5.4.
CVE-2025-58979 2 Berqier, Wordpress 2 Berqwp, Wordpress 2025-09-11 5.3 Medium
Missing Authorization vulnerability in BerqWP BerqWP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BerqWP: from n/a through 2.2.53.
CVE-2025-58980 2 Myrecorp, Wordpress 2 Export Wp Page To Static Html/css, Wordpress 2025-09-11 5.3 Medium
Missing Authorization vulnerability in recorp Export WP Page to Static HTML/CSS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Export WP Page to Static HTML/CSS: from n/a through 4.1.0.
CVE-2025-58981 1 Wordpress 1 Wordpress 2025-09-11 5.4 Medium
Missing Authorization vulnerability in Equalize Digital Accessibility Checker by Equalize Digital allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Checker by Equalize Digital: from n/a through 1.31.0.
CVE-2025-58982 2 Pixeline, Wordpress 2 Email Protector, Wordpress 2025-09-11 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixeline Pixeline's Email Protector allows Stored XSS. This issue affects Pixeline's Email Protector: from n/a through 1.3.8.