CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9844 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-57958	1 Wordpress	1 Wordpress	2025-09-24	5.3 Medium
Missing Authorization vulnerability in WPXPO WowAddons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WowAddons: from n/a through 1.0.17.
CVE-2025-57957	1 Wordpress	1 Wordpress	2025-09-24	5.3 Medium
Missing Authorization vulnerability in wpcraft WooMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooMS: from n/a through 9.12.
CVE-2025-57955	2 Plugin-devs, Wordpress	2 Post Carousel Slider For Elementor, Wordpress	2025-09-24	6.5 Medium
Missing Authorization vulnerability in Plugin Devs Post Carousel Slider for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Carousel Slider for Elementor: from n/a through 1.7.0.
CVE-2025-57944	2 Skimlinks, Wordpress	2 Affiliate Marketing Tool, Wordpress	2025-09-24	5.3 Medium
Missing Authorization vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Skimlinks Affiliate Marketing Tool: from n/a through 1.3.
CVE-2025-8285	1 Mattermost	2 Confluence, Mattermost	2025-09-24	4 Medium
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to create channel subscription without proper access to the channel via API call to the create channel subscription endpoint.
CVE-2025-57917	3 Printcart, Woocommerce, Wordpress	3 Web To Print Product Designer, Woocommerce, Wordpress	2025-09-23	4.3 Medium
Missing Authorization vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through 2.4.3.
CVE-2025-57605	1 Aikaan	1 Iot Platform	2025-09-23	8.8 High
Lack of server-side authorisation on department admin assignment APIs in AiKaan IoT Platform allows authenticated users to elevate their privileges by assigning themselves as admins of other departments. This results in unauthorized privilege escalation across the department
CVE-2025-55077	3 Microsoft, Tyler Technologies, Tylertech	3 Windows, Erp Pro 9 Saas, Erp Pro 9	2025-09-23	7.4 High
Tyler Technologies ERP Pro 9 SaaS allows an authenticated user to escape the application and execute limited operating system commands within the remote Microsoft Windows environment with the privileges of the authenticated user. Tyler Technologies deployed hardened remote Windows environment settings to all ERP Pro 9 SaaS customer environments as of 2025-08-01.
CVE-2025-58016	1 Wordpress	1 Wordpress	2025-09-23	4.3 Medium
Missing Authorization vulnerability in Codexpert, Inc CF7 Submissions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 Submissions: from n/a through 0.26.
CVE-2025-57997	1 Wordpress	1 Wordpress	2025-09-23	4.3 Medium
Missing Authorization vulnerability in Trustpilot Trustpilot Reviews allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trustpilot Reviews: from n/a through 2.5.925.
CVE-2025-57995	2 Detheme, Wordpress	2 Dethemekit For Elementor, Wordpress	2025-09-23	4.3 Medium
Missing Authorization vulnerability in Detheme DethemeKit For Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DethemeKit For Elementor: from n/a through 2.1.10.
CVE-2025-57991	2 Clariti, Wordpress	2 Clariti, Wordpress	2025-09-23	5.4 Medium
Missing Authorization vulnerability in Clariti Clariti allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clariti: from n/a through 1.2.1.
CVE-2025-57990	2 Solwininfotech, Wordpress	2 Blog Designer, Wordpress	2025-09-23	5.4 Medium
Missing Authorization vulnerability in solwininfotech Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Blog Designer: from n/a through 3.1.8.
CVE-2025-57936	2 Meitar, Wordpress	2 Subresource Integrity Manager, Wordpress	2025-09-23	4.3 Medium
Missing Authorization vulnerability in Meitar Subresource Integrity (SRI) Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Subresource Integrity (SRI) Manager: from n/a through 0.4.0.
CVE-2025-53452	2 Barry, Wordpress	2 Event Rocket, Wordpress	2025-09-23	4.3 Medium
Missing Authorization vulnerability in Barry Event Rocket allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Event Rocket: from n/a through 3.3.
CVE-2025-59581	1 Wordpress	1 Wordpress	2025-09-23	6.5 Medium
Missing Authorization vulnerability in VW THEMES Ibtana allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ibtana: from n/a through 1.2.5.3.
CVE-2025-59576	2 Stylemixthemes, Wordpress	2 Masterstudy Lms, Wordpress	2025-09-23	6.5 Medium
Missing Authorization vulnerability in Stylemix MasterStudy LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MasterStudy LMS: from n/a through 3.6.20.
CVE-2025-59567	2 Relywp, Wordpress	2 Coupon Affiliates, Wordpress	2025-09-23	4.3 Medium
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Coupon Affiliates: from n/a through 6.8.0.
CVE-2025-59551	1 Wordpress	1 Wordpress	2025-09-23	4.3 Medium
Missing Authorization vulnerability in WP Chill Revive.so allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Revive.so: from n/a through 2.0.6.
CVE-2025-58968	1 Wordpress	1 Wordpress	2025-09-23	5 Medium
Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MaxiBlocks: from n/a through 2.1.3.

« first previous Page 130 of 493. next last »