Export limit exceeded: 334371 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334371 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68042 | 2 Travelpayouts, Wordpress | 2 Travelpayouts, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in Travelpayouts Travelpayouts travelpayouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travelpayouts: from n/a through <= 1.2.1. | ||||
| CVE-2025-68043 | 2 Lottiefiles, Wordpress | 2 Lottiefiles, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in LottieFiles LottieFiles lottiefiles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LottieFiles: from n/a through <= 3.0.0. | ||||
| CVE-2025-68048 | 2 Wordpress, Xlplugins | 2 Wordpress, Nextmove | 2026-02-23 | N/A |
| Missing Authorization vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite: from n/a through <= 2.23.0. | ||||
| CVE-2025-68050 | 2 Leadpages, Wordpress | 2 Leadpages, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in Leadpages Leadpages leadpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadpages: from n/a through <= 1.1.3. | ||||
| CVE-2026-25747 | 1 Apache | 1 Camel | 2026-02-23 | N/A |
| Deserialization of Untrusted Data vulnerability in Apache Camel LevelDB component. The Camel-LevelDB DefaultLevelDBSerializer class deserializes data read from the LevelDB aggregation repository using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. An attacker who can write to the LevelDB database files used by a Camel application can inject a crafted serialized Java object that, when deserialized during normal aggregation repository operations, results in arbitrary code execution in the context of the application. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.5, from 4.15.0 before 4.18.0. Users are recommended to upgrade to version 4.18.0, which fixes the issue. For the 4.10.x LTS releases, users are recommended to upgrade to 4.10.9, while for 4.14.x LTS releases, users are recommended to upgrade to 4.14.5 | ||||
| CVE-2025-68051 | 2 Shiprocket, Wordpress | 2 Shiprocket, Wordpress | 2026-02-23 | N/A |
| Authorization Bypass Through User-Controlled Key vulnerability in Shiprocket Shiprocket shiprocket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shiprocket: from n/a through <= 2.0.8. | ||||
| CVE-2025-68069 | 2 Wordpress, Wpwax | 2 Wordpress, Directorist | 2026-02-23 | N/A |
| Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through <= 8.5.10. | ||||
| CVE-2025-68495 | 2 Crocoblock, Wordpress | 2 Jetengine, Wordpress | 2026-02-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through <= 3.8.0. | ||||
| CVE-2025-68501 | 2 Mollie, Wordpress | 2 Mollie Payments For Woocommerce, Wordpress | 2026-02-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mollie Mollie Payments for WooCommerce mollie-payments-for-woocommerce allows Reflected XSS.This issue affects Mollie Payments for WooCommerce: from n/a through <= 8.1.1. | ||||
| CVE-2025-68514 | 2 Cozmoslabs, Wordpress | 2 Paid Member Subscriptions, Wordpress | 2026-02-23 | N/A |
| Authorization Bypass Through User-Controlled Key vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Paid Member Subscriptions: from n/a through <= 2.16.8. | ||||
| CVE-2025-68526 | 2 A Wp Life, Wordpress | 2 Modal Popup Box, Wordpress | 2026-02-23 | N/A |
| Deserialization of Untrusted Data vulnerability in A WP Life Modal Popup Box modal-popup-box allows Object Injection.This issue affects Modal Popup Box: from n/a through <= 1.6.1. | ||||
| CVE-2025-68531 | 2 Modeltheme, Wordpress | 2 Addons For Wpbakery And Elementor, Wordpress | 2026-02-23 | N/A |
| Deserialization of Untrusted Data vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Object Injection.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through < 1.5.6. | ||||
| CVE-2025-68534 | 2 Add-ons.org, Wordpress | 2 Pdf For Wpforms, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through <= 6.3.0. | ||||
| CVE-2025-68536 | 2 Thembay, Wordpress | 2 Zota, Wordpress | 2026-02-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through <= 1.3.14. | ||||
| CVE-2025-68539 | 2 Thembay, Wordpress | 2 Fana, Wordpress | 2026-02-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through <= 1.1.35. | ||||
| CVE-2025-68541 | 2 Boldthemes, Wordpress | 2 Ippsum, Wordpress | 2026-02-23 | N/A |
| Deserialization of Untrusted Data vulnerability in BoldThemes Ippsum ippsum allows Object Injection.This issue affects Ippsum: from n/a through <= 1.2.0. | ||||
| CVE-2025-68542 | 2 Vgdevsolutions, Wordpress | 2 Checkout Gateway For Iris, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in vgdevsolutions Checkout Gateway for IRIS checkout-gateway-iris allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout Gateway for IRIS: from n/a through <= 1.3. | ||||
| CVE-2025-68543 | 2 Thembay, Wordpress | 2 Diza, Wordpress | 2026-02-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Diza diza allows PHP Local File Inclusion.This issue affects Diza: from n/a through <= 1.3.15. | ||||
| CVE-2025-68545 | 2 Thembay, Wordpress | 2 Nika, Wordpress | 2026-02-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through <= 1.2.14. | ||||
| CVE-2025-68549 | 2 Wordpress, Zozothemes | 2 Wordpress, Wiguard | 2026-02-23 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Wiguard wiguard allows Upload a Web Shell to a Web Server.This issue affects Wiguard: from n/a through < 2.0.1. | ||||