CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (328531 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-64253	1 Wordpress	2 Health Check & Troubleshooting, Wordpress	2026-01-20	4.9 Medium
Path Traversal: '.../...//' vulnerability in WordPress.org Health Check & Troubleshooting health-check allows Path Traversal.This issue affects Health Check & Troubleshooting: from n/a through <= 1.7.1.
CVE-2025-64251	1 Wordpress	1 Wordpress	2026-01-20	4.9 Medium
Missing Authorization vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Learning Pro: from n/a through <= 3.9.3.
CVE-2025-64250	2 Wordpress, Wpwax	2 Wordpress, Directorist	2026-01-20	6.1 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wpWax Directorist directorist allows Phishing.This issue affects Directorist: from n/a through <= 8.5.6.
CVE-2025-64249	2 Wordpress, Wp-experts	2 Wordpress, Protect Wp Admin	2026-01-20	4.8 Medium
Missing Authorization vulnerability in WP-EXPERTS.IN Protect WP Admin protect-wp-admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protect WP Admin: from n/a through <= 4.1.
CVE-2025-64248	2 Emarketdesign, Wordpress	2 Request A Quote, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in emarket-design Request a Quote request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Request a Quote: from n/a through <= 2.5.3.
CVE-2025-64247	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through <= 3.5.4.1.
CVE-2025-64246	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in netopsae Accessibility by AudioEye accessibility-by-audioeye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility by AudioEye: from n/a through <= 1.0.49.
CVE-2025-64245	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in ryanpcmcquen Import external attachments import-external-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Import external attachments: from n/a through <= 1.5.12.
CVE-2025-64244	3 Codexpert, Elementor, Wordpress	3 Restrict Elementor Widgets Columns And Sections, Elementor, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in Codexpert, Inc Restrict Elementor Widgets, Columns and Sections restrict-elementor-widgets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Elementor Widgets, Columns and Sections: from n/a through <= 1.12.
CVE-2025-64243	2 E-plugins, Wordpress	2 Directory Pro, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through <= 2.5.6.
CVE-2025-64242	2 Merv Barrett, Wordpress	2 Easy Property Listings, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in Merv Barrett Easy Property Listings easy-property-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Property Listings: from n/a through <= 3.5.15.
CVE-2025-64241	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in Imtiaz Rayhan WP Coupons and Deals wp-coupons-and-deals allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Coupons and Deals: from n/a through <= 3.2.4.
CVE-2025-64240	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in freshchat Freshchat freshchat allows Cross Site Request Forgery.This issue affects Freshchat: from n/a through <= 2.3.4.
CVE-2025-64239	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Yoav Farhi RTL Tester rtl-tester allows Cross Site Request Forgery.This issue affects RTL Tester: from n/a through <= 1.2.
CVE-2025-64238	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in NicolasKulka WPS Bidouille wps-bidouille allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPS Bidouille: from n/a through <= 1.33.1.
CVE-2025-64237	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Graham Quick Interest Slider quick-interest-slider allows Cross Site Request Forgery.This issue affects Quick Interest Slider: from n/a through <= 3.1.5.
CVE-2025-64236	1 Wordpress	1 Wordpress	2026-01-20	9.8 Critical
Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Tuturn allows Authentication Abuse.This issue affects Tuturn: from n/a before 3.6.
CVE-2025-64235	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AmentoTech Tuturn allows Path Traversal.This issue affects Tuturn: from n/a before 3.6.
CVE-2025-64234	2 Evergreencontentposter, Wordpress	2 Evergreen Content Poster, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in Evergreen Content Poster Evergreen Content Poster evergreen-content-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Evergreen Content Poster: from n/a through <= 1.4.5.
CVE-2025-64233	1 Wordpress	1 Wordpress	2026-01-20	9.8 Critical
Deserialization of Untrusted Data vulnerability in BoldThemes Codiqa codiqa allows Object Injection.This issue affects Codiqa: from n/a through < 1.2.8.

« first previous Page 41 of 16427. next last »