Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (334391 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2024-56208 2 Desertthemes, Wordpress 2 Newsmash, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in desertthemes NewsMash newsmash allows Stored XSS.This issue affects NewsMash: from n/a through <= 1.0.71.
CVE-2025-52744 2 Inpersttion, Wordpress 2 Inpersttion For Theme, Wordpress 2026-02-23 N/A
Improper Control of Generation of Code ('Code Injection') vulnerability in inpersttion Inpersttion For Theme err-our-team allows Code Injection.This issue affects Inpersttion For Theme: from n/a through <= 1.0.
CVE-2025-53217 2 Staviravn, Wordpress 2 Aio Wp Builder, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in staviravn AIO WP Builder all-in-one-wp-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO WP Builder: from n/a through <= 2.0.2.
CVE-2025-53228 2 Jezza101, Wordpress 2 Bbpress Simple Advert Units, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jezza101 bbpress Simple Advert Units bbpress-simple-advert-units allows Reflected XSS.This issue affects bbpress Simple Advert Units: from n/a through <= 0.41.
CVE-2025-53231 2 Wordpress, Wpdevstudio 2 Wordpress, Easy Taxonomy Images 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevstudio Easy Taxonomy Images easy-taxonomy-images allows Stored XSS.This issue affects Easy Taxonomy Images: from n/a through <= 1.0.1.
CVE-2025-53233 2 Rylanh, Wordpress 2 Storyform, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RylanH Storyform storyform allows Reflected XSS.This issue affects Storyform: from n/a through <= 0.6.14.
CVE-2025-53237 2 Soflyy, Wordpress 2 Wp Wizard Cloak, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Soflyy WP Wizard Cloak wp-wizard-cloak allows Reflected XSS.This issue affects WP Wizard Cloak: from n/a through <= 1.0.1.
CVE-2025-60087 2 Nenad-obradovic, Wordpress 2 Extensive Vc Addons For Wpbakery Page Builder, Wordpress 2026-02-23 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Nenad Obradovic Extensive VC Addons for WPBakery page builder extensive-vc-addon allows PHP Local File Inclusion.This issue affects Extensive VC Addons for WPBakery page builder: from n/a through <= 1.9.1.
CVE-2025-60183 2 Silence, Wordpress 2 Silencesoft Rss Reader, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in silence Silencesoft RSS Reader external-rss-reader allows Stored XSS.This issue affects Silencesoft RSS Reader: from n/a through <= 0.6.
CVE-2025-67547 2 Uixthemes, Wordpress 2 Konte, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in uixthemes Konte konte allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Konte: from n/a through <= 2.4.6.
CVE-2025-67624 2 Arya Dhiratara, Wordpress 2 Optimize More! – Images, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in Arya Dhiratara Optimize More! &#8211; Images optimize-more-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Optimize More! &#8211; Images: from n/a through <= 1.1.3.
CVE-2025-67969 2 Knitpay, Wordpress 2 Upi Qr Code Payment Gateway For Woocommerce, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in knitpay UPI QR Code Payment Gateway for WooCommerce upi-qr-code-payment-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UPI QR Code Payment Gateway for WooCommerce: from n/a through <= 1.5.1.
CVE-2025-67970 2 Vertim, Wordpress 2 Schedula, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in vertim Schedula schedula-smart-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Schedula: from n/a through <= 1.0.
CVE-2025-67971 2 Wordpress, Wpmanageninja 2 Wordpress, Fluentcart 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPManageNinja FluentCart fluent-cart allows Reflected XSS.This issue affects FluentCart: from n/a through < 1.3.0.
CVE-2025-67972 2 Fox-themes, Wordpress 2 Prague, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Prague prague-plugins allows Reflected XSS.This issue affects Prague: from n/a through <= 2.2.8.
CVE-2025-67973 2 Sunshinephotocart, Wordpress 2 Sunshine Photo Cart, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.6.2.
CVE-2025-67974 2 Wordpress, Wplegalpages 2 Wordpress, Wp Legal Pages 2026-02-23 N/A
Missing Authorization vulnerability in WP Legal Pages WPLegalPages wplegalpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLegalPages: from n/a through <= 3.5.4.
CVE-2025-67975 2 Adirectory, Wordpress 2 Adirectory, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in aDirectory aDirectory adirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects aDirectory: from n/a through <= 3.0.3.
CVE-2025-67977 2 Villatheme, Wordpress 2 Happy, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through <= 1.0.8.
CVE-2025-67978 2 Fixbd, Wordpress 2 Educare, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FixBD Educare educare allows Reflected XSS.This issue affects Educare: from n/a through <= 1.6.1.