CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 10022 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10022 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-24577	1 Ays-pro	1 Poll Maker	2026-04-01	9.8 Critical
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 5.5.0.
CVE-2025-24571			2026-04-01	N/A
Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Fast Total Search: from n/a through <= 1.78.258.
CVE-2025-23999			2026-04-01	N/A
Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through <= 2.2.13.
CVE-2025-23991			2026-04-01	N/A
Missing Authorization vulnerability in Dotstore Product Size Charts Plugin for WooCommerce woo-advanced-product-size-chart.This issue affects Product Size Charts Plugin for WooCommerce: from n/a through <= 2.4.5.
CVE-2025-23982			2026-04-01	N/A
Missing Authorization vulnerability in Gopi krishnan Fare Calculator fare-calculator allows Stored XSS.This issue affects Fare Calculator: from n/a through <= 1.1.
CVE-2025-23971	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KI Live Video Conferences: from n/a through <= 5.5.15.
CVE-2025-23963	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in flymke Mark Posts mark-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through <= 2.2.4.
CVE-2025-23962			2026-04-01	N/A
Missing Authorization vulnerability in jjtrabucco Goldstar goldstar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Goldstar: from n/a through <= 2.1.1.
CVE-2025-23961			2026-04-01	N/A
Missing Authorization vulnerability in wptasker WordPress Graphs & Charts graph-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Graphs & Charts: from n/a through <= 2.0.8.
CVE-2025-23958	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in FADI MED Editor Wysiwyg Background Color editor-wysiwyg-background-color allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Editor Wysiwyg Background Color: from n/a through <= 1.0.
CVE-2025-23957	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in surdotly Sur.ly surly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sur.ly: from n/a through <= 3.0.3.
CVE-2025-23955	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in xola Xola xola-bookings-for-tours-activities allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xola: from n/a through <= 1.6.
CVE-2025-23954	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in awcode Salvador – AI Image Generator salvador-ai-image-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salvador – AI Image Generator: from n/a through <= 1.0.11.
CVE-2025-23930			2026-04-01	N/A
Missing Authorization vulnerability in paypalmuse PayPal Marketing Solutions paypal-promotions-and-insights allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PayPal Marketing Solutions: from n/a through <= 1.2.
CVE-2025-23929			2026-04-01	N/A
Missing Authorization vulnerability in wishfulthemes Email Capture & Lead Generation email-capture-lead-generation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Email Capture & Lead Generation: from n/a through <= 1.0.2.
CVE-2025-23916			2026-04-01	N/A
Missing Authorization vulnerability in Nuanced Media WP Meetup wp-meetup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meetup: from n/a through <= 2.3.0.
CVE-2025-23862			2026-04-01	N/A
Missing Authorization vulnerability in SzMake Contact Form 7 Anti Spambot contact-form-7-anti-spambot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 Anti Spambot: from n/a through <= 1.0.1.
CVE-2025-23849	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in bpiwowar PAPERCITE papercite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PAPERCITE: from n/a through <= 0.5.18.
CVE-2025-23785			2026-04-01	N/A
Missing Authorization vulnerability in August Infotech AI Responsive Gallery Album ai-responsive-gallery-album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Responsive Gallery Album: from n/a through <= 1.4.
CVE-2025-23778			2026-04-01	N/A
Missing Authorization vulnerability in Pravin Durugkar User Sync ActiveCampaign registered-user-sync-activecampaign allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Sync ActiveCampaign: from n/a through <= 1.3.2.

« first previous Page 44 of 502. next last »