CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 10010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10010 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-58192	3 Wordpress, Xylus Themes, Xylusthemes	3 Wordpress, Wp Bulk Delete, Wp Bulk Delete	2026-04-01	5.4 Medium
Missing Authorization vulnerability in Xylus Themes WP Bulk Delete wp-bulk-delete allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bulk Delete: from n/a through <= 1.3.6.
CVE-2025-58029	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Sumit Singh Classic Widgets with Block-based Widgets classic-widgets-with-block-based-widgets allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Classic Widgets with Block-based Widgets: from n/a through <= 1.0.1.
CVE-2025-58016	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Codexpert, Inc CF7 Submissions cf7-submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Submissions: from n/a through <= 0.26.
CVE-2025-58009	2 Cp Multi View Event Calendar Project, Wordpress	2 Cp Multi View Event Calendar, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through <= 1.4.35.
CVE-2025-58004	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in SmartDataSoft DriCub dricub-driving-school allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DriCub: from n/a through <= 2.9.
CVE-2025-58003	2 Javothemes, Wordpress	2 Javo Core, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in javothemes Javo Core javo-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Javo Core: from n/a through <= 3.0.0.266.
CVE-2025-58000	2 Memberful, Wordpress	2 Memberful, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in memberful Memberful - Membership Plugin memberful-wp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberful - Membership Plugin: from n/a through <= 1.75.0.
CVE-2025-57997	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Trustpilot Trustpilot Reviews trustpilot-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trustpilot Reviews: from n/a through <= 2.5.925.
CVE-2025-57995	2 Detheme, Wordpress	2 Dethemekit For Elementor, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Detheme DethemeKit For Elementor dethemekit-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DethemeKit For Elementor: from n/a through <= 2.1.10.
CVE-2025-57991	2 Clariti, Wordpress	2 Clariti, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Clariti Clariti clariti allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clariti: from n/a through <= 1.2.1.
CVE-2025-57990	2 Solwininfotech, Wordpress	2 Blog Designer, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in solwininfotech Blog Designer blog-designer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Blog Designer: from n/a through <= 3.1.8.
CVE-2025-57987	2 Thimpress, Wordpress	2 Wp Events Manager, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in ThimPress WP Events Manager wp-events-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Events Manager: from n/a through <= 2.2.1.
CVE-2025-57985	2 Mantrabrain, Wordpress	2 Ultimate Watermark, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in MantraBrain Ultimate Watermark ultimate-watermark allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Watermark: from n/a through <= 1.1.
CVE-2025-57976	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in CardCom CardCom Payment Gateway woo-cardcom-payment-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CardCom Payment Gateway: from n/a through <= 3.5.0.7.
CVE-2025-57975	2 Radiustheme, Wordpress	2 Team, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.6.
CVE-2025-57972	3 Woocommerce, Wordpress, Wpfactory	3 Woocommerce, Wordpress, Helpdesk Support Ticket System	2026-04-01	N/A
Missing Authorization vulnerability in WPFactory Helpdesk Support Ticket System for WooCommerce support-ticket-system-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Helpdesk Support Ticket System for WooCommerce: from n/a through <= 2.1.1.
CVE-2025-57971	2 Salesmanago, Wordpress	2 Salesmanago, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in SALESmanago SALESmanago & Leadoo salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago & Leadoo: from n/a through <= 3.8.1.
CVE-2025-57969	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Jeremy Saxey Hide WP Toolbar hide-wp-toolbar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hide WP Toolbar: from n/a through <= 2.7.
CVE-2025-57961	2 Codexpert, Wordpress	2 Codesigner, Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Codexpert, Inc CoDesigner woolementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoDesigner: from n/a through <= 4.29.
CVE-2025-57958	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in WPXPO WowAddons product-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowAddons: from n/a through <= 1.6.3.

« first previous Page 15 of 501. next last »