Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10008 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-54739 2 Posimyth, Wordpress 2 Nexter Blocks, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through <= 4.5.4.
CVE-2025-54734 2 Bplugins, Wordpress 2 B Slider, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in bPlugins B Slider b-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects B Slider: from n/a through <= 1.1.30.
CVE-2025-54733 2026-04-01 N/A
Missing Authorization vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.28.
CVE-2025-54730 2 Pareto Digital, Wordpress 2 Embedder For Google Reviews, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in PARETO Digital Embedder for Google Reviews embedder-for-google-reviews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Embedder for Google Reviews: from n/a through <= 1.7.3.
CVE-2025-54717 2 E-plugins, Wordpress 2 Wp Membership, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Membership: from n/a through <= 1.6.3.
CVE-2025-54714 2 Dylanjames, Wordpress 2 Zephyr Project Manager, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zephyr Project Manager: from n/a through <= 3.3.201.
CVE-2025-54712 3 Elementor, Hashthemes, Wordpress 3 Elementor, Easy Elementor Addons, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Elementor Addons: from n/a through <= 2.2.7.
CVE-2025-54710 2 Bplugins, Wordpress 2 Tiktok Feed Plugin, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in bPlugins Tiktok Feed b-tiktok-feed allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Tiktok Feed: from n/a through <= 1.0.21.
CVE-2025-54705 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 4.4.6.
CVE-2025-54695 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in DevItems HT Mega ht-mega-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HT Mega: from n/a through <= 2.9.0.
CVE-2025-54692 2 Wordpress, Wpswings 2 Wordpress, Membership For Woocommerce 2026-04-01 N/A
Missing Authorization vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Membership For WooCommerce: from n/a through <= 2.9.0.
CVE-2025-54679 2 Vertim, Wordpress 2 Neon Channel Product Customizer Free, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in vertim Neon Channel Product Customizer Free neon-channel-product-customizer-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Neon Channel Product Customizer Free: from n/a through <= 2.0.
CVE-2025-54047 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in QuanticaLabs Cost Calculator ql-cost-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost Calculator: from n/a through <= 7.4.
CVE-2025-54040 2 Webba-booking, Wordpress 2 Webba Booking, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webba Booking: from n/a through <= 5.1.20.
CVE-2025-54037 2 Blazethemes, Wordpress 2 News Kit Elementor Addons, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Kit Elementor Addons: from n/a through <= 1.3.4.
CVE-2025-54025 2 Relywp, Wordpress 2 Coupon Affiliates, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coupon Affiliates: from n/a through <= 6.4.0.
CVE-2025-54018 2 Creativemindssolutions, Wordpress 2 Cm Pop-up Banners, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in CreativeMindsSolutions CM Pop-Up banners cm-pop-up-banners allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Pop-Up banners: from n/a through <= 1.8.4.
CVE-2025-54011 2026-04-01 N/A
Missing Authorization vulnerability in SMTP2GO SMTP2GO smtp2go allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMTP2GO: from n/a through <= 1.12.1.
CVE-2025-53997 2 Favethemes, Wordpress 2 Houzez, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in favethemes Houzez houzez allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Houzez: from n/a through <= 4.0.4.
CVE-2025-53986 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in themeisle Hestia hestia allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hestia: from n/a through <= 3.2.10.