Search

Expected end of text, found ':' (at char 22), (line:1, col:23)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (358147 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-49109 2026-06-15 9.8 Critical
Unauthenticated PHP Object Injection in Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.4.3 versions.
CVE-2026-49106 2026-06-15 9.8 Critical
Unauthenticated PHP Object Injection in Integration for Contact Form 7 and Constant Contact <= 1.1.6 versions.
CVE-2026-49104 2026-06-15 9.8 Critical
Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.2.1 versions.
CVE-2026-49085 2026-06-15 9.8 Critical
Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.1.4 versions.
CVE-2026-49083 2026-06-15 7.5 High
Contributor Privilege Escalation in LatePoint <= 5.5.1 versions.
CVE-2026-49082 2026-06-15 7.4 High
Subscriber Sensitive Data Exposure in Chatway Live Chat &#8211; AI Chatbot, Customer Support, FAQ &amp; Helpdesk Customer Service &amp; Chat Buttons <= 1.4.8 versions.
CVE-2026-49078 2026-06-15 7.5 High
Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions.
CVE-2026-49068 2026-06-15 7.5 High
Subscriber Sensitive Data Exposure in Coupon Affiliates <= 7.8.1 versions.
CVE-2026-49067 2026-06-15 9.3 Critical
Unauthenticated SQL Injection in Advanced 301 and 302 Redirect <= 1.6.9 versions.
CVE-2026-49066 2026-06-15 7.5 High
Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions.
CVE-2026-49065 2026-06-15 8.2 High
Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce <= 1.9.5 versions.
CVE-2026-49063 2026-06-15 7.3 High
Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions.
CVE-2026-49056 2026-06-15 7.5 High
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.9.4 versions.
CVE-2026-49055 2026-06-15 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.9.7 versions.
CVE-2026-49043 2026-06-15 4.7 Medium
Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions.
CVE-2026-48970 2026-06-15 8.1 High
Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions.
CVE-2026-48966 2026-06-15 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Funnel Builder by FunnelKit <= 3.15.0.2 versions.
CVE-2026-48964 2026-06-15 8.5 High
Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.6 versions.
CVE-2026-48889 2026-06-15 8.8 High
Subscriber Privilege Escalation in Amelia <= 2.3 versions.
CVE-2026-48887 2026-06-15 6.5 Medium
Unauthenticated Broken Access Control in JS Help Desk <= 3.0.9 versions.