Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7278 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-47457 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in dgamoni LocateAndFilter locateandfilter allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LocateAndFilter: from n/a through <= 1.6.16.
CVE-2025-47450 2026-04-01 N/A
Missing Authorization vulnerability in Mitchell Bennis Simple File List simple-file-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple File List: from n/a through <= 6.1.13.
CVE-2025-47444 2 Liquidweb, Wordpress 2 Givewp, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through <= 1.32.1.
CVE-2025-46519 2026-04-01 N/A
Missing Authorization vulnerability in M.Code Media Library Downloader media-library-downloader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Library Downloader: from n/a through <= 1.3.1.
CVE-2025-46489 2026-04-01 N/A
Missing Authorization vulnerability in vinodvaswani9 Bulk Assign Linked Products For WooCommerce wc-bulk-assign-linked-products allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bulk Assign Linked Products For WooCommerce: from n/a through <= 2.1.
CVE-2025-46488 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in dastan800 Visual Builder visual-builder allows Reflected XSS.This issue affects Visual Builder: from n/a through <= 1.2.2.
CVE-2025-46485 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Customize Login Page: from n/a through <= 1.6.5.
CVE-2025-46470 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Peter Raschendorfer Smart Hashtags [#hashtagger] hashtagger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Hashtags [#hashtagger]: from n/a through <= 7.2.3.
CVE-2025-46247 1 Codepeople 1 Appointment Booking Calendar 2026-04-01 9.8 Critical
Missing Authorization vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Appointment Booking Calendar: from n/a through <= 1.3.92.
CVE-2025-46244 1 Multidots 1 Advanced Linked Variations For Woocommerce 2026-04-01 9.8 Critical
Missing Authorization vulnerability in Dotstore Advanced Linked Variations for Woocommerce linked-variation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Linked Variations for Woocommerce: from n/a through <= 1.0.3.
CVE-2025-46232 1 Alttext 1 Alt Text Ai 2026-04-01 8.8 High
Missing Authorization vulnerability in alttextai Download Alt Text AI alttext-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Alt Text AI: from n/a through <= 1.9.93.
CVE-2025-43838 2026-04-01 N/A
Missing Authorization vulnerability in ChoPlugins.com Custom PC Builder Lite for WooCommerce custom-pc-builder-lite-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom PC Builder Lite for WooCommerce: from n/a through <= 1.0.1.
CVE-2025-3702 2 Melapress, Wordpress 2 Melapress File Monitor, Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Melapress Melapress File Monitor website-file-changes-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Melapress File Monitor: from n/a through < 2.2.0.
CVE-2025-3701 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Malcure Web Security Malcure Malware Scanner wp-malware-removal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Malcure Malware Scanner: from n/a through <= 16.8.
CVE-2025-39602 2026-04-01 N/A
Missing Authorization vulnerability in WC Product Table WooCommerce Product Table Lite wc-product-table-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Product Table Lite: from n/a through <= 3.9.5.
CVE-2025-39591 2026-04-01 N/A
Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through <= 1.2.3.
CVE-2025-39583 2026-04-01 N/A
Missing Authorization vulnerability in Bertha AI &#8211; Andrew Palmer BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BERTHA AI: from n/a through <= 1.12.10.2.
CVE-2025-39580 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in jidaikobo Dashi dashi allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dashi: from n/a through <= 3.1.8.
CVE-2025-39571 1 Wpxpo 1 Wowstore 2026-04-01 N/A
Missing Authorization vulnerability in WPXPO WowStore product-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowStore: from n/a through <= 4.2.4.
CVE-2025-39560 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Shahjada Live Forms liveforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Forms: from n/a through <= 4.8.4.