@nguniversal/express-engine CVEs and Security Vulnerabilities

Export limit exceeded: 347131 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 26), (line:1, col:27)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347131 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-39563	2 Illid, Wordpress	2 Share This Image, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share This Image: from n/a through <= 2.12.
CVE-2026-39572	2 Mage-people, Wordpress	2 Bus Ticket Booking With Seat Reservation, Wordpress	2026-04-29	4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Retrieve Embedded Sensitive Data.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through < 5.6.5.
CVE-2026-39602	2 Rustaurius, Wordpress	2 Order Tracking, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through <= 3.4.3.
CVE-2026-39535	2 Fullworks, Wordpress	2 Display Eventbrite Events, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display Eventbrite Events: from n/a through <= 6.5.6.
CVE-2026-39566	2 Designinvento, Wordpress	2 Directorypress, Wordpress	2026-04-29	4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through <= 3.6.26.
CVE-2026-39565	2 Magepeople, Wordpress	2 Wptravelly, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpTravelly: from n/a through <= 2.1.7.
CVE-2026-39561	2 Wordpress, Wp Chill	2 Wordpress, Revive.so	2026-04-29	5.3 Medium
Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive.so: from n/a through <= 2.0.7.
CVE-2026-39506	2 Jordy Meow, Wordpress	2 Ai-engine, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in Jordy Meow AI Engine (Pro) ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine (Pro): from n/a through < 3.4.2.
CVE-2026-39520	2 Wedevs, Wordpress	2 Wedocs, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weDocs: from n/a through <= 2.1.18.
CVE-2026-39477	2 Brainstormforce, Wordpress	2 Cartflows, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in Brainstorm Force CartFlows cartflows allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CartFlows: from n/a through <= 2.2.3.
CVE-2026-39488	2 Surecart, Wordpress	2 Surecart, Wordpress	2026-04-29	6.5 Medium
Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through <= 4.0.2.
CVE-2026-39504	2 Instawp, Wordpress	2 Instawp Connect, Wordpress	2026-04-29	5.4 Medium
Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through <= 0.1.2.5.
CVE-2026-39510	2 Wordpress, Wpchill	2 Wordpress, Image Photo Gallery Final Tiles Grid	2026-04-29	2.7 Low
Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.11.
CVE-2026-39486	2 Wordpress, Wpchill	2 Wordpress, Download Monitor	2026-04-29	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through <= 5.1.8.
CVE-2026-39475	2 Syed Balkhi, Wordpress	2 User Feedback, Wordpress	2026-04-29	7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through <= 1.10.1.
CVE-2026-32587	2 Saad Iqbal, Wordpress	2 Wp Easypay, Wordpress	2026-04-29	5.4 Medium
Missing Authorization vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP EasyPay: from n/a through <= 4.2.11.
CVE-2026-32586	2 Pluggabl, Wordpress	2 Booster For Woocommerce, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through < 7.11.3.
CVE-2026-32565	2 Webberzone, Wordpress	2 Contextual Related Posts, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Ajay Contextual Related Posts contextual-related-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contextual Related Posts: from n/a through < 4.2.2.
CVE-2026-39469	2 Softaculous, Wordpress	2 Pagelayer, Wordpress	2026-04-29	4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from n/a through <= 2.0.8.
CVE-2026-32562	2 Wordpress, Wp Folio Team	2 Wordpress, Ppwp	2026-04-29	5.4 Medium
Missing Authorization vulnerability in WP Folio Team PPWP password-protect-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PPWP: from n/a through <= 1.9.15.

« first previous Page 17 of 17357. next last »