Search

Expected end of text, found ':' (at char 6), (line:1, col:7)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (329521 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-24386 3 Elementinvader, Elementor, Wordpress 3 Template Kits For Elementor, Elementor, Wordpress 2026-01-23 4.3 Medium
Missing Authorization vulnerability in Element Invader Element Invader &#8211; Template Kits for Elementor elementinvader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Invader &#8211; Template Kits for Elementor: from n/a through <= 1.2.4.
CVE-2026-24384 1 Wordpress 1 Wordpress 2026-01-23 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through <= 2.14.
CVE-2025-69186 2 E-plugins, Wordpress 2 Hospital & Doctor Directory, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hospital Doctor Directory: from n/a through <= 1.3.9.
CVE-2026-24379 2 Wordpress, Wpjobportal 2 Wordpress, Wp Job Portal 2026-01-23 N/A
Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through <= 2.4.3.
CVE-2025-69101 2 Amentotech, Wordpress 2 Workreap, Wordpress 2026-01-23 N/A
Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core workreap_core allows Authentication Abuse.This issue affects Workreap Core: from n/a through <= 3.4.0.
CVE-2026-24371 2 Booking Algorithms, Wordpress 2 Ba Book Everything, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through <= 1.8.16.
CVE-2026-22391 2 Mikado-themes, Wordpress 2 Cocco, Wordpress 2026-01-23 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cocco: from n/a through <= 1.5.1.
CVE-2026-24356 1 Wordpress 1 Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in Roxnor GetGenie getgenie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetGenie: from n/a through <= 4.3.0.
CVE-2026-22466 2 Chandnipatel, Wordpress 2 Wp Mapit, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in Chandni Patel WP MapIt wp-mapit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP MapIt: from n/a through <= 3.0.3.
CVE-2026-22358 2 Smartdatasoft, Wordpress 2 Electrician - Electrical Service Wordpress, Wordpress 2026-01-23 N/A
Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft Electrician - Electrical Service WordPress electrician allows Server Side Request Forgery.This issue affects Electrician - Electrical Service WordPress: from n/a through <= 5.6.
CVE-2026-23976 2 Wordpress, Wpchill 2 Wordpress, Modula Image Gallery 2026-01-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Modula Image Gallery modula-best-grid-gallery allows Stored XSS.This issue affects Modula Image Gallery: from n/a through <= 2.13.4.
CVE-2026-22481 1 Wordpress 1 Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in Rasedul Haque Rumi BD Courier Order Ratio Checker bd-courier-order-ratio-checker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BD Courier Order Ratio Checker: from n/a through <= 2.0.1.
CVE-2025-69188 2 E-plugins, Wordpress 2 Fitness Trainer, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in e-plugins fitness-trainer fitness-trainer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fitness-trainer: from n/a through <= 1.7.1.
CVE-2026-22411 2 Mikado-themes, Wordpress 2 Dolcino, Wordpress 2026-01-23 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Dolcino dolcino allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dolcino: from n/a through <= 1.6.
CVE-2026-22388 1 Wordpress 1 Wordpress 2026-01-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Imran Emu Owl Carousel WP owl-carousel-wp allows Stored XSS.This issue affects Owl Carousel WP: from n/a through <= 2.2.2.
CVE-2026-22445 1 Wordpress 1 Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in Proptech Plugin Apimo Connector apimo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Apimo Connector: from n/a through <= 2.6.4.
CVE-2025-69181 2 E-plugins, Wordpress 2 Lawyer Directory, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in e-plugins Lawyer Directory lawyer-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lawyer Directory: from n/a through <= 1.3.4.
CVE-2026-24358 2 Expresstech, Wordpress 2 Quiz And Survey Master, Wordpress 2026-01-23 N/A
Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.3.
CVE-2025-69182 2 E-plugins, Wordpress 2 Institutions Directory, Wordpress 2026-01-23 N/A
Incorrect Privilege Assignment vulnerability in e-plugins Institutions Directory institutions-directory allows Privilege Escalation.This issue affects Institutions Directory: from n/a through <= 1.3.4.
CVE-2026-22393 2 Mikado-themes, Wordpress 2 Curly, Wordpress 2026-01-23 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Curly curly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Curly: from n/a through <= 3.3.