Search

Expected end of text, found ':' (at char 24), (line:1, col:25)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347280 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-39561 2 Wordpress, Wp Chill 2 Wordpress, Revive.so 2026-04-29 5.3 Medium
Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive.so: from n/a through <= 2.0.7.
CVE-2026-39506 2 Jordy Meow, Wordpress 2 Ai-engine, Wordpress 2026-04-29 4.3 Medium
Missing Authorization vulnerability in Jordy Meow AI Engine (Pro) ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine (Pro): from n/a through < 3.4.2.
CVE-2026-39520 2 Wedevs, Wordpress 2 Wedocs, Wordpress 2026-04-29 5.3 Medium
Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weDocs: from n/a through <= 2.1.18.
CVE-2026-39477 2 Brainstormforce, Wordpress 2 Cartflows, Wordpress 2026-04-29 4.3 Medium
Missing Authorization vulnerability in Brainstorm Force CartFlows cartflows allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CartFlows: from n/a through <= 2.2.3.
CVE-2026-39488 2 Surecart, Wordpress 2 Surecart, Wordpress 2026-04-29 6.5 Medium
Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through <= 4.0.2.
CVE-2026-39504 2 Instawp, Wordpress 2 Instawp Connect, Wordpress 2026-04-29 5.4 Medium
Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through <= 0.1.2.5.
CVE-2026-39510 2 Wordpress, Wpchill 2 Wordpress, Image Photo Gallery Final Tiles Grid 2026-04-29 2.7 Low
Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.11.
CVE-2026-39486 2 Wordpress, Wpchill 2 Wordpress, Download Monitor 2026-04-29 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through <= 5.1.8.
CVE-2026-39475 2 Syed Balkhi, Wordpress 2 User Feedback, Wordpress 2026-04-29 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through <= 1.10.1.
CVE-2026-32587 2 Saad Iqbal, Wordpress 2 Wp Easypay, Wordpress 2026-04-29 5.4 Medium
Missing Authorization vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP EasyPay: from n/a through <= 4.2.11.
CVE-2026-32586 2 Pluggabl, Wordpress 2 Booster For Woocommerce, Wordpress 2026-04-29 5.3 Medium
Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through < 7.11.3.
CVE-2026-32565 2 Webberzone, Wordpress 2 Contextual Related Posts, Wordpress 2026-04-29 5.3 Medium
Missing Authorization vulnerability in Ajay Contextual Related Posts contextual-related-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contextual Related Posts: from n/a through < 4.2.2.
CVE-2026-39469 2 Softaculous, Wordpress 2 Pagelayer, Wordpress 2026-04-29 4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from n/a through <= 2.0.8.
CVE-2026-32562 2 Wordpress, Wp Folio Team 2 Wordpress, Ppwp 2026-04-29 5.4 Medium
Missing Authorization vulnerability in WP Folio Team PPWP password-protect-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PPWP: from n/a through <= 1.9.15.
CVE-2026-32546 2 Stellarwp, Wordpress 2 Restrict Content, Wordpress 2026-04-29 7.5 High
Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through <= 3.2.22.
CVE-2026-32541 2 Premmerce, Wordpress 2 Premmerce Redirect Manager, Wordpress 2026-04-29 6.5 Medium
Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through <= 1.0.12.
CVE-2026-32567 2 Icopydoc, Wordpress 2 Yml For Yandex Market, Wordpress 2026-04-29 6.8 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in icopydoc YML for Yandex Market yml-for-yandex-market allows Path Traversal.This issue affects YML for Yandex Market: from n/a through < 5.3.0.
CVE-2026-32533 2 Latepoint, Wordpress 2 Latepoint, Wordpress 2026-04-29 6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LatePoint: from n/a through <= 5.2.6.
CVE-2026-32535 2 Joomsky, Wordpress 2 Js Help Desk, Wordpress 2026-04-29 6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 3.0.3.
CVE-2026-32527 2 Crmperks, Wordpress 2 Wp Insightly For Contact Form 7, Wpforms, Elementor, Formidable And Ninja Forms, Wordpress 2026-04-29 6.5 Medium
Missing Authorization vulnerability in CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-insightly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through <= 1.1.5.