Search

Expected end of text, found ':' (at char 25), (line:1, col:26)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (329715 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-25051 1 Automationdirect 1 Click Plc 2026-01-26 6.1 Medium
An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources for lateral attacks.
CVE-2026-22393 2 Mikado-themes, Wordpress 2 Curly, Wordpress 2026-01-26 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Curly curly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Curly: from n/a through <= 3.3.
CVE-2026-22396 2 Mikado-themes, Wordpress 2 Fiorello, Wordpress 2026-01-26 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Fiorello fiorello allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fiorello: from n/a through <= 1.0.
CVE-2026-22398 2 Mikado-themes, Wordpress 2 Fleur, Wordpress 2026-01-26 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Fleur fleur allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fleur: from n/a through <= 2.0.
CVE-2026-22400 2 Mikado-themes, Wordpress 2 Holmes, Wordpress 2026-01-26 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Holmes holmes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Holmes: from n/a through <= 1.7.
CVE-2025-69075 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Yolox yolox allows PHP Local File Inclusion.This issue affects Yolox: from n/a through <= 1.0.15.
CVE-2026-22401 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in pavothemes Freshio freshio allows PHP Local File Inclusion.This issue affects Freshio: from n/a through <= 2.4.2.
CVE-2026-22402 1 Wordpress 1 Wordpress 2026-01-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in pavothemes Triply triply allows PHP Local File Inclusion.This issue affects Triply: from n/a through <= 2.4.7.
CVE-2026-22404 2 Mikado-themes, Wordpress 2 Innovio, Wordpress 2026-01-26 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Innovio innovio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Innovio: from n/a through <= 1.7.
CVE-2026-22406 2 Mikado-themes, Wordpress 2 Overton, Wordpress 2026-01-26 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Overton overton allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Overton: from n/a through <= 1.3.
CVE-2026-22409 2 Mikado-themes, Wordpress 2 Justicia, Wordpress 2026-01-26 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Justicia justicia allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Justicia: from n/a through <= 1.2.
CVE-2026-24383 2 Bplugins, Wordpress 2 B Slider, Wordpress 2026-01-26 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Slider b-slider allows DOM-Based XSS.This issue affects B Slider: from n/a through <= 2.0.6.
CVE-2026-22447 1 Wordpress 1 Wordpress 2026-01-26 N/A
Missing Authorization vulnerability in Select-Themes Prowess prowess allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prowess: from n/a through <= 1.8.1.
CVE-2026-22458 2 Mikado-themes, Wordpress 2 Wanderland, Wordpress 2026-01-26 N/A
Missing Authorization vulnerability in Mikado-Themes Wanderland wanderland allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wanderland: from n/a through <= 1.5.
CVE-2026-22466 2 Chandnipatel, Wordpress 2 Wp Mapit, Wordpress 2026-01-26 N/A
Missing Authorization vulnerability in Chandni Patel WP MapIt wp-mapit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP MapIt: from n/a through <= 3.0.3.
CVE-2026-22482 2 Wbolt, Wordpress 2 Imgspider, Wordpress 2026-01-26 N/A
Server-Side Request Forgery (SSRF) vulnerability in wbolt.com IMGspider imgspider allows Server Side Request Forgery.This issue affects IMGspider: from n/a through <= 2.3.12.
CVE-2026-22483 1 Wordpress 1 Wordpress 2026-01-26 N/A
Cross-Site Request Forgery (CSRF) vulnerability in winkm89 teachPress teachpress allows Cross Site Request Forgery.This issue affects teachPress: from n/a through <= 9.0.12.
CVE-2026-23974 2 Uxper, Wordpress 2 Golo, Wordpress 2026-01-26 N/A
Missing Authorization vulnerability in uxper Golo golo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Golo: from n/a through < 1.7.5.
CVE-2025-69099 1 Wordpress 1 Wordpress 2026-01-26 N/A
Deserialization of Untrusted Data vulnerability in fuelthemes North north-wp allows Object Injection.This issue affects North: from n/a through <= 5.7.5.
CVE-2026-23975 2 Uxper, Wordpress 2 Golo, Wordpress 2026-01-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Golo golo allows PHP Local File Inclusion.This issue affects Golo: from n/a through < 1.7.5.