Export limit exceeded: 78833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (78833 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67524 | 3 Elementor, Nootheme, Wordpress | 3 Elementor, Jobmonster, Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through <= 1.1.4. | ||||
| CVE-2025-67523 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in trippleS Exhibz exhibz allows PHP Local File Inclusion.This issue affects Exhibz: from n/a through <= 3.0.9. | ||||
| CVE-2025-67522 | 2 Nootheme, Wordpress | 2 Jobmonster, Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NooTheme Jobmonster noo-jobmonster allows PHP Local File Inclusion.This issue affects Jobmonster: from n/a through <= 4.8.2. | ||||
| CVE-2025-67521 | 2 Select-themes, Wordpress | 2 Select Core, Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Select Core select-core allows PHP Local File Inclusion.This issue affects Select Core: from n/a through < 2.6. | ||||
| CVE-2025-67520 | 2 Tinysolutions, Wordpress | 2 Media Library Tools, Wordpress | 2026-04-23 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through <= 1.6.15. | ||||
| CVE-2025-67519 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjahan Jewel Ninja Tables ninja-tables allows SQL Injection.This issue affects Ninja Tables: from n/a through <= 5.2.3. | ||||
| CVE-2025-67518 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Accordion Slider PRO accordion_slider_pro allows Blind SQL Injection.This issue affects Accordion Slider PRO: from n/a through <= 1.2. | ||||
| CVE-2025-67517 | 2 Artplacer, Wordpress | 2 Artplacer Widget, Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Blind SQL Injection.This issue affects ArtPlacer Widget: from n/a through <= 2.22.9.2. | ||||
| CVE-2025-67516 | 2 Agile Logix, Wordpress | 2 Store Locator Wordpress, Wordpress Mu | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Blind SQL Injection.This issue affects Store Locator WordPress: from n/a through <= 1.6.2. | ||||
| CVE-2025-67515 | 3 Mikado-themes, Qodeinteractive, Wordpress | 3 Wilmer, Wilmer, Wordpress | 2026-04-23 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Wilmër wilmer allows PHP Local File Inclusion.This issue affects Wilmër: from n/a through < 3.5. | ||||
| CVE-2025-66117 | 2 Ays-pro, Wordpress | 2 Easy Form, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form: from n/a through <= 2.7.8. | ||||
| CVE-2025-66095 | 2 Iqonic, Wordpress | 2 Kivicare, Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows SQL Injection.This issue affects KiviCare: from n/a through <= 3.6.13. | ||||
| CVE-2025-66088 | 2 Propertyhive, Wordpress | 2 Propertyhive, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in Property Hive PropertyHive propertyhive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PropertyHive: from n/a through <= 2.1.12. | ||||
| CVE-2025-66073 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Cozmoslabs WP Webhooks wp-webhooks allows Object Injection.This issue affects WP Webhooks: from n/a through <= 3.3.8. | ||||
| CVE-2025-66070 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum: from n/a through <= 2.4.10. | ||||
| CVE-2025-66054 | 2 Thimpress, Wordpress | 2 Learnpress, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through <= 4.2.9.4. | ||||
| CVE-2025-64378 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through < 2.9.10. | ||||
| CVE-2025-64373 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in shinetheme Traveler traveler allows PHP Local File Inclusion.This issue affects Traveler: from n/a through < 3.2.6. | ||||
| CVE-2025-64372 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shinetheme Traveler traveler allows Reflected XSS.This issue affects Traveler: from n/a through < 3.2.6. | ||||
| CVE-2025-64371 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through < 3.2.6. | ||||