Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (72356 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-63036 1 Wordpress 1 Wordpress 2026-01-20 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DFDevelopment Ronneby Theme Core ronneby-core allows PHP Local File Inclusion.This issue affects Ronneby Theme Core: from n/a through <= 1.5.68.
CVE-2025-63030 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal New User Approve new-user-approve allows Cross Site Request Forgery.This issue affects New User Approve: from n/a through <= 3.2.0.
CVE-2025-63003 1 Wordpress 1 Wordpress 2026-01-20 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes North - Required Plugin north-plugin allows PHP Local File Inclusion.This issue affects North - Required Plugin: from n/a through <= 1.4.2.
CVE-2025-62986 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in FanBridge FanBridge signup fanbridge-signup allows Stored XSS.This issue affects FanBridge signup: from n/a through <= 0.6.
CVE-2025-62980 1 Wordpress 1 Wordpress 2026-01-20 8.8 High
Missing Authorization vulnerability in MDZ Persian Admnin Fonts persian-admin-fonts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Persian Admnin Fonts: from n/a through <= 4.1.03.
CVE-2025-62965 2 Admin Management Xtended Project, Wordpress 2 Admin Management Xtended, Wordpress 2026-01-20 7.2 High
Missing Authorization vulnerability in wpseek Admin Management Xtended admin-management-xtended allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin Management Xtended : from n/a through <= 2.5.1.
CVE-2025-62964 1 Wordpress 1 Wordpress 2026-01-20 8.1 High
Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through <= 1.3.4.
CVE-2025-62962 1 Wordpress 1 Wordpress 2026-01-20 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Andrea Landonio CloudSearch cloud-search allows Stored XSS.This issue affects CloudSearch: from n/a through <= 3.0.0.
CVE-2025-62958 1 Wordpress 1 Wordpress 2026-01-20 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Clifton Griffin Simple Content Templates for Blog Posts &amp; Pages simple-post-template allows Cross Site Request Forgery.This issue affects Simple Content Templates for Blog Posts &amp; Pages: from n/a through <= 2.2.61.
CVE-2025-62957 3 Nikanwp, Woocommerce, Wordpress 3 Woocommerce Reporting, Woocommerce, Wordpress 2026-01-20 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in NikanWP NikanWP WooCommerce Reporting wc-reports-lite allows Stored XSS.This issue affects NikanWP WooCommerce Reporting: from n/a through <= 1.0.0.
CVE-2025-62956 1 Wordpress 1 Wordpress 2026-01-20 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in iseremet Reloadly reloadly-topup-widget allows Stored XSS.This issue affects Reloadly: from n/a through <= 2.0.1.
CVE-2025-62954 2 Revive, Wordpress 2 Revive Old Posts, Wordpress 2026-01-20 8.8 High
Missing Authorization vulnerability in Codeinwp Revive Old Posts tweet-old-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive Old Posts: from n/a through <= 9.3.3.
CVE-2025-62953 2 Welcart, Wordpress 2 E-commerce, Wordpress 2026-01-20 8.8 High
Missing Authorization vulnerability in nanbu Welcart e-Commerce usc-e-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcart e-Commerce: from n/a through <= 2.11.24.
CVE-2025-62952 2 Quantumcloud, Wordpress 2 Chatbot, Wordpress 2026-01-20 8.8 High
Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.3.0.
CVE-2025-62947 1 Wordpress 1 Wordpress 2026-01-20 7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in publitio Publitio publitio allows Retrieve Embedded Sensitive Data.This issue affects Publitio: from n/a through <= 2.2.3.
CVE-2025-62946 2 Everestthemes, Wordpress 2 Everest Backup, Wordpress 2026-01-20 8.8 High
Missing Authorization vulnerability in everestthemes Everest Backup everest-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Everest Backup: from n/a through <= 2.3.8.
CVE-2025-62945 2 Eduard Pinuaga Linares, Wordpress 2 Did Prestashop Display, Wordpress 2026-01-20 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Eduard Pinuaga Linares Did Prestashop Display did-prestashop-display allows Stored XSS.This issue affects Did Prestashop Display: from n/a through <= 1.0.30.
CVE-2025-62938 2 Reoon Technology, Wordpress 2 Reoon Email Verifier, Wordpress 2026-01-20 8.1 High
Missing Authorization vulnerability in Reoon Technology Reoon Email Verifier reoon-email-verifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reoon Email Verifier: from n/a through <= 2.0.1.
CVE-2025-62935 3 Ilmosys, Woocommerce, Wordpress 3 Open Close Woocommerce Store, Woocommerce, Wordpress 2026-01-20 8.1 High
Missing Authorization vulnerability in ilmosys Open Close WooCommerce Store woc-open-close allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Open Close WooCommerce Store: from n/a through <= 4.9.8.
CVE-2025-62934 1 Wordpress 1 Wordpress 2026-01-20 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Mejar WP Business Hours wp-business-hours allows Stored XSS.This issue affects WP Business Hours: from n/a through <= 1.4.