CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (8917 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-66150	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through 1.1.1.
CVE-2025-66149	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove UnGrabber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UnGrabber: from n/a through 3.1.3.
CVE-2025-66148	2 Merkulove, Wordpress	2 Conformer For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Conformer for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conformer for Elementor: from n/a through 1.0.7.
CVE-2025-66147	2 Merkulove, Wordpress	2 Coder For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Coder for Elementor coder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coder for Elementor: from n/a through <= 1.0.13.
CVE-2025-66146	2 Merkulove, Wordpress	2 Logger For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Logger for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Logger for Elementor: from n/a through 1.0.9.
CVE-2025-66145	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Worker for WPBakery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Worker for WPBakery: from n/a through 1.1.1.
CVE-2025-66144	2 Merkulove, Wordpress	2 Worker For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Worker for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Worker for Elementor: from n/a through 1.0.10.
CVE-2025-66134	2 Ninjateam, Wordpress	2 Filebird, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in NinjaTeam FileBird Pro filebird-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FileBird Pro: from n/a through <= 6.4.9.
CVE-2025-66133	2 Wordpress, Wp Legal Pages	2 Wordpress, Wp Cookie Notice	2026-01-20	5.3 Medium
Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through <= 4.0.7.
CVE-2025-66131	1 Wordpress	1 Wordpress	2026-01-20	9.1 Critical
Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through <= 2.2.10.
CVE-2025-66130	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in etruel WP Views Counter wpecounter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Views Counter: from n/a through <= 2.1.2.
CVE-2025-66129	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in wppochipp Pochipp pochipp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pochipp: from n/a through <= 1.18.0.
CVE-2025-66128	3 Brevo, Woocommerce, Wordpress	3 Sendinblue For Woocommerce, Woocommerce, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in Brevo Sendinblue for WooCommerce woocommerce-sendinblue-newsletter-subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendinblue for WooCommerce: from n/a through <= 4.0.49.
CVE-2025-66127	2 G5theme, Wordpress	2 Essential Real Estate, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Real Estate: from n/a through <= 5.2.2.
CVE-2025-66124	2 Wordpress, Zeen101	2 Wordpress, Leaky Paywall	2026-01-20	5.3 Medium
Missing Authorization vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leaky Paywall: from n/a through <= 4.22.5.
CVE-2025-66122	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in Design Stylish Price List stylish-price-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stylish Price List: from n/a through <= 7.2.2.
CVE-2025-66121	2 Siteground, Wordpress	2 Siteground Security, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in SiteGround SiteGround Security sg-security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through <= 1.5.8.
CVE-2025-66120	2 Catfolders, Wordpress	2 Catfolders, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in CatFolders CatFolders catfolders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CatFolders: from n/a through <= 2.5.3.
CVE-2025-66117	2 Ays-pro, Wordpress	2 Easy Form, Wordpress	2026-01-20	7.5 High
Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form: from n/a through <= 2.7.8.
CVE-2025-66114	3 Theme Funda, Woocommerce, Wordpress	3 Show Variations As Single Products Woocommerce, Woocommerce, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in theme funda Show Variations as Single Products Woocommerce woo-show-single-variations-shop-category allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Show Variations as Single Products Woocommerce: from n/a through <= 2.0.

« first previous Page 9 of 446. next last »