Search

Expected end of text, found '/' (at char 62), (line:1, col:63)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (338305 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-13460 1 Ibm 1 Aspera Console 2026-03-16 5.3 Medium
IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy.
CVE-2026-32349 2 Andy Fragen, Wordpress 2 Embed Pdf Viewer, Wordpress 2026-03-16 4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in Andy Fragen Embed PDF Viewer embed-pdf-viewer allows Server Side Request Forgery.This issue affects Embed PDF Viewer: from n/a through <= 2.4.7.
CVE-2026-32352 2 Elementor, Wordpress 2 Elementor Website Builder, Wordpress 2026-03-16 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor allows DOM-Based XSS.This issue affects Elementor Website Builder: from n/a through <= 3.35.5.
CVE-2026-32355 2 Crocoblock, Wordpress 2 Jetengine, Wordpress 2026-03-16 8.8 High
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through < 3.8.4.1.
CVE-2026-32364 2 Redqteam, Wordpress 2 Turbo Manager, Wordpress 2026-03-16 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in redqteam Turbo Manager turbo-manager allows PHP Local File Inclusion.This issue affects Turbo Manager: from n/a through < 4.0.8.
CVE-2026-32374 2 Raratheme, Wordpress 2 The Minimal, Wordpress 2026-03-16 5.3 Medium
Missing Authorization vulnerability in raratheme The Minimal the-minimal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Minimal: from n/a through <= 1.2.9.
CVE-2026-32377 2 Raratheme, Wordpress 2 Pranayama Yoga, Wordpress 2026-03-16 5.3 Medium
Missing Authorization vulnerability in raratheme Pranayama Yoga pranayama-yoga allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pranayama Yoga: from n/a through <= 1.2.2.
CVE-2026-32393 2 Creatives Planet, Wordpress 2 Greenly Theme Addons, Wordpress 2026-03-16 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through < 8.2.
CVE-2026-32400 2 Themetechmount, Wordpress 2 Boldman, Wordpress 2026-03-16 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemetechMount Boldman boldman allows PHP Local File Inclusion.This issue affects Boldman: from n/a through <= 7.7.
CVE-2026-32401 2 Boldgrid, Wordpress 2 Client Invoicing By Sprout Invoices, Wordpress 2026-03-16 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows PHP Local File Inclusion.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.9.
CVE-2026-32403 2 Toocheke, Wordpress 2 Toocheke Companion, Wordpress 2026-03-16 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toocheke Toocheke Companion toocheke-companion allows DOM-Based XSS.This issue affects Toocheke Companion: from n/a through <= 1.194.
CVE-2026-32405 2 Wordpress, Xtemos 2 Wordpress, Woodmart 2026-03-16 N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos WoodMart woodmart allows Retrieve Embedded Sensitive Data.This issue affects WoodMart: from n/a through <= 8.3.9.
CVE-2026-32406 2 Wordpress, Wpclever 2 Wordpress, Wpc Product Bundles For Woocommerce 2026-03-16 4.3 Medium
Missing Authorization vulnerability in WPClever WPC Product Bundles for WooCommerce woo-product-bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Product Bundles for WooCommerce: from n/a through <= 8.4.5.
CVE-2026-32408 2 Themefusecom, Wordpress 2 Brizy, Wordpress 2026-03-16 4.3 Medium
Missing Authorization vulnerability in themefusecom Brizy brizy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy: from n/a through <= 2.7.23.
CVE-2026-32410 2 Woobewoo, Wordpress 2 Wbw Currency Switcher For Woocommerce, Wordpress 2026-03-16 5.3 Medium
Missing Authorization vulnerability in WBW Plugins WBW Currency Switcher for WooCommerce woo-currency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WBW Currency Switcher for WooCommerce: from n/a through <= 2.2.5.
CVE-2026-32419 2 Fernandobriano, Wordpress 2 List Category Posts, Wordpress 2026-03-16 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fernando Briano List category posts list-category-posts allows DOM-Based XSS.This issue affects List category posts: from n/a through <= 0.93.1.
CVE-2026-32423 2 Bowo, Wordpress 2 Admin And Site Enhancements Ase, Wordpress 2026-03-16 5.4 Medium
Missing Authorization vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements (ASE): from n/a through <= 8.4.0.
CVE-2026-32427 2 Vowelweb, Wordpress 2 Vw Education Lite, Wordpress 2026-03-16 5.3 Medium
Missing Authorization vulnerability in vowelweb VW Education Lite vw-education-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Education Lite: from n/a through <= 2.2.0.
CVE-2026-32428 2 Ays-pro, Wordpress 2 Popup Like Box, Wordpress 2026-03-16 5.3 Medium
Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through <= 3.7.7.
CVE-2026-32430 2 Ideabox, Wordpress 2 Powerpack Addons For Elementor, Wordpress 2026-03-16 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IdeaBox Creations PowerPack Addons for Elementor powerpack-lite-for-elementor allows Stored XSS.This issue affects PowerPack Addons for Elementor: from n/a through <= 2.9.9.