CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (8917 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-67548	2 Wordpress, Wpdelicious	2 Wordpress, Wp Delicious	2026-01-20	6.5 Medium
Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delicious: from n/a through <= 1.9.1.
CVE-2025-67468	2 Crmperks, Wordpress	2 Integration For Salesforce And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms cf7-salesforce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms: from n/a through <= 1.4.6.
CVE-2025-67540	3 Elementor, Wealcoder, Wordpress	3 Elementor, Animation Addons For Elementor, Wordpress	2026-01-20	6.5 Medium
Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through <= 2.4.5.
CVE-2025-67466	2 Sergiotrinity, Wordpress	2 Trinity Audio, Wordpress	2026-01-20	8.1 High
Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through <= 5.23.3.
CVE-2025-66534	1 Wordpress	1 Wordpress	2026-01-20	8.8 High
Missing Authorization vulnerability in Elated-Themes The Aisle theaisle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Aisle: from n/a through <= 2.9.
CVE-2025-67474	2 Ultimatemember, Wordpress	2 Forumwp, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ForumWP: from n/a through <= 2.1.4.
CVE-2025-66532	2 Mikado-themes, Wordpress	2 Powerlift, Wordpress	2026-01-20	8.8 High
Missing Authorization vulnerability in Mikado-Themes Powerlift powerlift allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Powerlift: from n/a through < 3.2.1.
CVE-2025-66129	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in wppochipp Pochipp pochipp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pochipp: from n/a through <= 1.18.0.
CVE-2025-66528	2 Villatheme, Wordpress	2 Thank You Page Customizer For Woocommerce, Wordpress	2026-01-20	8.1 High
Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce woo-thank-you-page-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thank You Page Customizer for WooCommerce: from n/a through <= 1.1.8.
CVE-2025-66155	2 Merkulove, Wordpress	2 Questionar For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Questionar for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Questionar for Elementor: from n/a through 1.1.7.
CVE-2025-66157	2 Merkulove, Wordpress	2 Slider For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Slider for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider for Elementor: from n/a through 1.0.10.
CVE-2025-66128	3 Brevo, Woocommerce, Wordpress	3 Sendinblue For Woocommerce, Woocommerce, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in Brevo Sendinblue for WooCommerce woocommerce-sendinblue-newsletter-subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendinblue for WooCommerce: from n/a through <= 4.0.49.
CVE-2025-66151	2 Merkulove, Wordpress	2 Countdowner For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Countdowner for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Countdowner for Elementor: from n/a through 1.0.4.
CVE-2025-66150	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through 1.1.1.
CVE-2025-66160	2 Merkulove, Wordpress	2 Select Graphist For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Select Graphist for Elementor Graphist for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Select Graphist for Elementor Graphist for Elementor: from n/a through 1.2.10.
CVE-2025-66165	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Lottier for WPBakery lottier-wpbakery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lottier for WPBakery: from n/a through <= 1.1.7.
CVE-2025-66530	2 Webba-booking, Wordpress	2 Webba Booking, Wordpress	2026-01-20	8.8 High
Missing Authorization vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webba Booking: from n/a through <= 6.2.1.
CVE-2025-66131	1 Wordpress	1 Wordpress	2026-01-20	9.1 Critical
Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through <= 2.2.10.
CVE-2025-66147	2 Merkulove, Wordpress	2 Coder For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Coder for Elementor coder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coder for Elementor: from n/a through <= 1.0.13.
CVE-2025-66146	2 Merkulove, Wordpress	2 Logger For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Logger for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Logger for Elementor: from n/a through 1.0.9.

« first previous Page 7 of 446. next last »