Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (72432 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-62074 2 Amauri, Wordpress 2 Wpmobile.app, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through <= 11.71.
CVE-2025-62067 1 Wordpress 1 Wordpress 2026-01-20 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Savory savory.This issue affects Savory: from n/a through <= 2.5.
CVE-2025-62066 1 Wordpress 1 Wordpress 2026-01-20 7.4 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes Revolution revolution.This issue affects Revolution: from n/a through < 2.5.8.
CVE-2025-62059 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force SureRank surerank.This issue affects SureRank: from n/a through <= 1.3.2.
CVE-2025-62057 2 Favethemes, Wordpress 2 Houzez, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through < 4.2.0.
CVE-2025-62055 2 Elated-themes, Wordpress 2 Academist, Wordpress 2026-01-20 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Academist academist.This issue affects Academist: from n/a through < 1.3.
CVE-2025-62054 2 Favethemes, Wordpress 2 Houzez, Wordpress 2026-01-20 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through <= 4.1.8.
CVE-2025-62053 2 Favethemes, Wordpress 2 Houzez, Wordpress 2026-01-20 8 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in favethemes Houzez houzez.This issue affects Houzez: from n/a through < 4.2.0.
CVE-2025-62045 2 Codexthemes, Wordpress 2 Thegem, Wordpress 2026-01-20 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodexThemes TheGem Theme Elements (for WPBakery) thegem-elements.This issue affects TheGem Theme Elements (for WPBakery): from n/a through <= 5.10.5.1.
CVE-2025-62041 3 Codexthemes, Elementor, Wordpress 3 Thegem, Elementor, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem (Elementor) thegem-elementor.This issue affects TheGem (Elementor): from n/a through <= 5.10.5.1.
CVE-2025-62040 2 Wordpress, Yop-poll 3 Wordpress, Yop-poll, Yop Poll 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through <= 6.5.37.
CVE-2025-62039 2 Ays-pro, Wordpress 2 Ai Chatbot With Chatgpt, Wordpress 2026-01-20 7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Retrieve Embedded Sensitive Data.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through <= 2.6.6.
CVE-2025-62036 1 Wordpress 1 Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
CVE-2025-62035 1 Wordpress 1 Wordpress 2026-01-20 8.8 High
Deserialization of Untrusted Data vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
CVE-2025-62034 1 Wordpress 1 Wordpress 2026-01-20 8.8 High
Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
CVE-2025-62031 2 Tagdiv, Wordpress 2 Composer, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Composer td-composer.This issue affects tagDiv Composer: from n/a through <= 5.4.1.
CVE-2025-62029 1 Wordpress 1 Wordpress 2026-01-20 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themesion Grevo grevo.This issue affects Grevo: from n/a through <= 2.4.
CVE-2025-62022 2 Buddypress, Wordpress 2 Buddypress, Wordpress 2026-01-20 7.5 High
Missing Authorization vulnerability in BuddyPress BuddyPress buddypress.This issue affects BuddyPress: from n/a through <= 14.3.4.
CVE-2025-62020 2 Infomaniak, Wordpress 2 Vod Infomaniak, Wordpress 2026-01-20 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infomaniak Network VOD Infomaniak vod-infomaniak.This issue affects VOD Infomaniak: from n/a through <= 1.5.11.
CVE-2025-62015 3 Josh Kohlbach, Woocommerce, Wordpress 4 Advanced Coupons For Woocommerce Coupons, Woocommerce, Woocommerce Smart Coupons and 1 more 2026-01-20 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons advanced-coupons-for-woocommerce-free.This issue affects Advanced Coupons for WooCommerce Coupons: from n/a through <= 4.6.8.