Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (74646 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-62932 1 Wordpress 1 Wordpress 2026-04-01 8.8 High
Missing Authorization vulnerability in wprio Table Block by RioVizual riovizual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Table Block by RioVizual: from n/a through <= 3.0.0.
CVE-2025-62931 1 Wordpress 1 Wordpress 2026-04-01 8.8 High
Missing Authorization vulnerability in microsoftstart MSN Partner Hub microsoft-start allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MSN Partner Hub: from n/a through <= 2.9.
CVE-2025-62925 2 Conversios, Wordpress 2 Conversios.io, Wordpress 2026-04-01 8.1 High
Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conversios.io: from n/a through <= 7.2.13.
CVE-2025-62918 1 Wordpress 1 Wordpress 2026-04-01 8.8 High
Missing Authorization vulnerability in ignitionwp IgnitionDeck ignitiondeck allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IgnitionDeck: from n/a through <= 2.0.15.
CVE-2025-62916 1 Wordpress 1 Wordpress 2026-04-01 8.8 High
Missing Authorization vulnerability in Travon WP Flights &amp; Hotels Booking WP Plugin adiaha-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flights &amp; Hotels Booking WP Plugin: from n/a through <= 3.1.
CVE-2025-62902 2 Themehunk, Wordpress 2 Wp Popup Builder, Wordpress 2026-04-01 7.5 High
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk WP Popup Builder wp-popup-builder allows Retrieve Embedded Sensitive Data.This issue affects WP Popup Builder: from n/a through <= 1.3.8.
CVE-2025-62895 2 Atarim, Wordpress 2 Atarim, Wordpress 2026-04-01 7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through <= 4.2.1.
CVE-2025-62889 3 Elementor, Kingaddons, Wordpress 3 Elementor, King Addons For Elementor, Wordpress 2026-04-01 8.8 High
Missing Authorization vulnerability in KingAddons.com King Addons for Elementor king-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects King Addons for Elementor: from n/a through <= 51.1.61.
CVE-2025-62886 2 Wordpress, Wpdevart 2 Wordpress, Pricing Table Builder 2026-04-01 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Pricing Table builder wpdevart-pricing-table allows Stored XSS.This issue affects Pricing Table builder: from n/a through <= 1.5.3.
CVE-2025-62152 2 Conveythis, Wordpress 2 Conveythis, Wordpress 2026-04-01 8.8 High
Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through <= 269.2.
CVE-2025-60248 2 Wordpress, Wpclever 2 Wordpress, Wpc Product Bundles For Woocommerce 2026-04-01 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPClever WPC Product Options for WooCommerce wpc-product-options allows PHP Local File Inclusion.This issue affects WPC Product Options for WooCommerce: from n/a through <= 3.1.3.
CVE-2025-60244 1 Wordpress 1 Wordpress 2026-04-01 7.1 High
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in RealMag777 TableOn posts-table-filterable allows Code Injection.This issue affects TableOn: from n/a through <= 1.0.5.1.
CVE-2025-60222 3 Fantasticplugins, Woocommerce, Wordpress 3 Sumo Memberships For Woocommerce, Woocommerce, Wordpress 2026-04-01 8.8 High
Incorrect Privilege Assignment vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Privilege Escalation.This issue affects SUMO Memberships for WooCommerce: from n/a through <= 7.8.0.
CVE-2025-60201 1 Wordpress 1 Wordpress 2026-04-01 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in aguilatechnologies WP Customer Area customer-area allows PHP Local File Inclusion.This issue affects WP Customer Area: from n/a through <= 8.3.4.
CVE-2025-60200 2 Thimpress, Wordpress 2 Learnpress Export Import, Wordpress 2026-04-01 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress LearnPress Export Import learnpress-import-export allows PHP Local File Inclusion.This issue affects LearnPress Export Import: from n/a through <= 4.1.2.
CVE-2025-60188 2 Atarim, Wordpress 2 Atarim, Wordpress 2026-04-01 7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through <= 4.2.1.
CVE-2025-60084 3 Add-ons.org, Elementor, Wordpress 3 Pdf-for-elementor-forms, Elementor, Wordpress 2026-04-01 8.6 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through <= 6.5.0.
CVE-2025-60083 3 Add-ons.org, Woocommerce, Wordpress 3 Pdf Invoice Builder For Woocommerce, Woocommerce, Wordpress 2026-04-01 8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Object Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through <= 6.5.0.
CVE-2025-60082 2 Add-ons.org, Wordpress 2 Pdf For Wpforms, Wordpress 2026-04-01 8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Object Injection.This issue affects PDF for WPForms: from n/a through <= 6.5.0.
CVE-2025-60081 1 Wordpress 1 Wordpress 2026-04-01 8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Contact Form 7 pdf-for-contact-form-7 allows Object Injection.This issue affects PDF for Contact Form 7: from n/a through <= 6.5.0.