Search

Expected end of text, found '™' (at char 41), (line:1, col:42)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (343482 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-39561 2 Wordpress, Wp Chill 2 Wordpress, Revive.so 2026-04-08 N/A
Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive.so: from n/a through <= 2.0.7.
CVE-2026-39562 2 Boldgrid, Wordpress 2 Client Invoicing By Sprout Invoices, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.10.
CVE-2026-39602 2 Rustaurius, Wordpress 2 Order Tracking, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through <= 3.4.3.
CVE-2026-39609 2 Wava.co, Wordpress 2 Wava Payment, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in Wava.co Wava Payment wava-payment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wava Payment: from n/a through <= 0.3.7.
CVE-2026-39610 2 Pankaj Kumar, Wordpress 2 Wpxmas-snow, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in Pankaj Kumar WpXmas-Snow wpxmas-snow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpXmas-Snow: from n/a through <= 1.1.
CVE-2026-39611 2 Kutethemes, Wordpress 2 Kuteshop, Wordpress 2026-04-08 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes KuteShop kuteshop allows PHP Local File Inclusion.This issue affects KuteShop: from n/a through <= 4.2.9.
CVE-2026-39613 2 Kutethemes, Wordpress 2 Boutique, Wordpress 2026-04-08 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through <= 2.3.3.
CVE-2026-39615 2 Shahjada, Wordpress 2 Download Manager, Wordpress 2026-04-08 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahjada Download Manager download-manager allows Stored XSS.This issue affects Download Manager: from n/a through <= 3.3.53.
CVE-2026-39618 2 Themearile, Wordpress 2 Newsexo, Wordpress 2026-04-08 N/A
Cross-Site Request Forgery (CSRF) vulnerability in themearile NewsExo newsexo allows Cross Site Request Forgery.This issue affects NewsExo: from n/a through <= 7.1.
CVE-2026-39619 2 Priyanshumittal, Wordpress 2 Busiprof, Wordpress 2026-04-08 N/A
Cross-Site Request Forgery (CSRF) vulnerability in priyanshumittal Busiprof busiprof allows Upload a Web Shell to a Web Server.This issue affects Busiprof: from n/a through <= 2.5.2.
CVE-2026-39622 2 Acmethemes, Wordpress 2 Education Base, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in acmethemes Education Base education-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Base: from n/a through <= 3.0.8.
CVE-2026-39641 2 Skywarrior, Wordpress 2 Blackfyre, Wordpress 2026-04-08 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Skywarrior Blackfyre blackfyre allows Cross Site Request Forgery.This issue affects Blackfyre: from n/a through <= 2.5.4.
CVE-2026-39645 2 Global Payments, Wordpress 2 Globalpayments Woocommerce, Wordpress 2026-04-08 N/A
Server-Side Request Forgery (SSRF) vulnerability in Global Payments GlobalPayments WooCommerce global-payments-woocommerce allows Server Side Request Forgery.This issue affects GlobalPayments WooCommerce: from n/a through <= 1.18.0.
CVE-2026-39648 2 Themebeez, Wordpress 2 Cream Blog, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Blog: from n/a through <= 2.1.7.
CVE-2026-39649 2 Themebeez, Wordpress 2 Royale News, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in themebeez Royale News royale-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royale News: from n/a through <= 2.2.4.
CVE-2026-39653 2026-04-08 N/A
Missing Authorization vulnerability in Deepen Bajracharya Video Conferencing with Zoom video-conferencing-with-zoom-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Conferencing with Zoom: from n/a through <= 4.6.6.
CVE-2026-39658 2 Coding Panda, Wordpress 2 Panda Pods Repeater Field, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in Coding Panda Panda Pods Repeater Field panda-pods-repeater-field allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Panda Pods Repeater Field: from n/a through <= 1.5.12.
CVE-2026-39659 2 Ultimatemember, Wordpress 2 Ultimate Member, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through <= 2.11.3.
CVE-2026-39660 2 Automattic, Wordpress 2 Wp Job Manager, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a through <= 2.4.1.
CVE-2026-39664 2 Leadrebel, Wordpress 2 Leadrebel, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in leadrebel Leadrebel leadrebel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadrebel: from n/a through <= 1.0.2.