Export limit exceeded: 10313 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10313 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68534 | 2 Add-ons.org, Wordpress | 2 Pdf For Wpforms, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through <= 6.3.0. | ||||
| CVE-2025-68536 | 2 Thembay, Wordpress | 2 Zota, Wordpress | 2026-02-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through <= 1.3.14. | ||||
| CVE-2025-68539 | 2 Thembay, Wordpress | 2 Fana, Wordpress | 2026-02-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through <= 1.1.35. | ||||
| CVE-2025-68541 | 2 Boldthemes, Wordpress | 2 Ippsum, Wordpress | 2026-02-23 | N/A |
| Deserialization of Untrusted Data vulnerability in BoldThemes Ippsum ippsum allows Object Injection.This issue affects Ippsum: from n/a through <= 1.2.0. | ||||
| CVE-2025-68542 | 2 Vgdevsolutions, Wordpress | 2 Checkout Gateway For Iris, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in vgdevsolutions Checkout Gateway for IRIS checkout-gateway-iris allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout Gateway for IRIS: from n/a through <= 1.3. | ||||
| CVE-2025-68543 | 2 Thembay, Wordpress | 2 Diza, Wordpress | 2026-02-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Diza diza allows PHP Local File Inclusion.This issue affects Diza: from n/a through <= 1.3.15. | ||||
| CVE-2025-68545 | 2 Thembay, Wordpress | 2 Nika, Wordpress | 2026-02-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through <= 1.2.14. | ||||
| CVE-2025-68549 | 2 Wordpress, Zozothemes | 2 Wordpress, Wiguard | 2026-02-23 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Wiguard wiguard allows Upload a Web Shell to a Web Server.This issue affects Wiguard: from n/a through < 2.0.1. | ||||
| CVE-2025-68552 | 2 Webcodingplace, Wordpress | 2 Woocommerce Coming Soon Product With Countdown, Wordpress | 2026-02-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebCodingPlace WooCommerce Coming Soon Product with Countdown woo-coming-soon-product allows PHP Local File Inclusion.This issue affects WooCommerce Coming Soon Product with Countdown: from n/a through <= 5.0. | ||||
| CVE-2025-68564 | 2 Sendy, Wordpress | 2 Sendy, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through <= 3.4.2. | ||||
| CVE-2025-68834 | 2 Saiful Islam, Wordpress | 2 Sync Master Sheet – Product Sync With Google Sheet For Woocommerce, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in Saiful Islam Sync Master Sheet – Product Sync with Google Sheet for WooCommerce product-sync-master-sheet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sync Master Sheet – Product Sync with Google Sheet for WooCommerce: from n/a through <= 1.1.3. | ||||
| CVE-2025-68837 | 2 Elextensions, Wordpress | 2 Elex Wordpress Helpdesk & Customer Ticketing System, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a through <= 3.3.5. | ||||
| CVE-2025-68841 | 2 Themepul, Wordpress | 2 Topperpack – Complete Elementor Addons, Theme & Cpt Builder, Wordpress | 2026-02-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themepul TopperPack – Complete Elementor Addons, Theme & CPT Builder topper-pack allows PHP Local File Inclusion.This issue affects TopperPack – Complete Elementor Addons, Theme & CPT Builder: from n/a through <= 1.2.1. | ||||
| CVE-2025-68853 | 2 Kleor, Wordpress | 2 Contact Manager, Wordpress | 2026-02-23 | N/A |
| Deserialization of Untrusted Data vulnerability in Kleor Contact Manager contact-manager allows Object Injection.This issue affects Contact Manager: from n/a through <= 9.1.1. | ||||
| CVE-2025-68855 | 2 Themeglow, Wordpress | 2 Jobboard Job Listing, Wordpress | 2026-02-23 | N/A |
| Insertion of Sensitive Information Into Sent Data vulnerability in themeglow JobBoard Job listing job-board-light allows Retrieve Embedded Sensitive Data.This issue affects JobBoard Job listing: from n/a through <= 1.2.8. | ||||
| CVE-2025-68862 | 2 Murtaza Bhurgri, Wordpress | 2 Woo File Dropzone, Wordpress | 2026-02-23 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Murtaza Bhurgri Woo File Dropzone woo-file-dropzone allows Path Traversal.This issue affects Woo File Dropzone: from n/a through <= 1.1.7. | ||||
| CVE-2025-68895 | 2 Ahachat, Wordpress | 2 Ahachat Messenger Marketing, Wordpress | 2026-02-23 | N/A |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in ahachat AhaChat Messenger Marketing ahachat-messenger-marketing allows Password Recovery Exploitation.This issue affects AhaChat Messenger Marketing: from n/a through <= 1.1. | ||||
| CVE-2025-69011 | 2 Wordpress, Wpkube | 2 Wordpress, Cool Tag Cloud | 2026-02-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPKube Cool Tag Cloud cool-tag-cloud allows Stored XSS.This issue affects Cool Tag Cloud: from n/a through <= 2.29. | ||||
| CVE-2025-69063 | 2 Saad Iqbal, Wordpress | 2 New User Approve, Wordpress | 2026-02-23 | N/A |
| Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through <= 3.2.0. | ||||
| CVE-2025-69294 | 2 Fuelthemes, Wordpress | 2 Peakshops, Wordpress | 2026-02-23 | N/A |
| Deserialization of Untrusted Data vulnerability in fuelthemes PeakShops peakshops allows Object Injection.This issue affects PeakShops: from n/a through <= 1.5.9. | ||||