CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 34736 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9844 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-30945	1 Taskbuilder	1 Taskbuilder	2025-06-24	5.3 Medium
Missing Authorization vulnerability in taskbuilder Taskbuilder allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Taskbuilder: from n/a through 4.0.3.
CVE-2025-1233	1 Althemist	1 Lafka Plugin	2025-06-24	4.3 Medium
The Lafka Plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'lafka_options_upload' AJAX function in all versions up to, and including, 7.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the theme option that overrides the site.
CVE-2025-49969			2025-06-23	4.3 Medium
Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zara 4 Image Compression: from n/a through 1.2.17.2.
CVE-2025-49970			2025-06-23	4.3 Medium
Missing Authorization vulnerability in sparklewpthemes Hello FSE Blog allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hello FSE Blog: from n/a through 1.0.6.
CVE-2025-49971			2025-06-23	4.3 Medium
Missing Authorization vulnerability in aThemeArt Translations eDS Responsive Menu allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects eDS Responsive Menu: from n/a through 1.2.
CVE-2025-49973			2025-06-23	4.3 Medium
Missing Authorization vulnerability in GrandPlugins Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes: from n/a through 1.0.9.
CVE-2025-49974			2025-06-23	4.3 Medium
Missing Authorization vulnerability in upstreamplugin UpStream: a Project Management Plugin for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects UpStream: a Project Management Plugin for WordPress: from n/a through 2.1.0.
CVE-2025-49976			2025-06-23	4.3 Medium
Missing Authorization vulnerability in WANotifier WANotifier allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WANotifier: from n/a through 2.7.7.
CVE-2025-49979			2025-06-23	4.3 Medium
Missing Authorization vulnerability in slui Media Hygiene allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Media Hygiene: from n/a through 4.0.1.
CVE-2025-49980			2025-06-23	4.3 Medium
Missing Authorization vulnerability in WP Event Manager WP User Profile Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Profile Avatar: from n/a through 1.0.6.
CVE-2025-49981			2025-06-23	4.3 Medium
Missing Authorization vulnerability in mahabub81 User Roles and Capabilities allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects User Roles and Capabilities: from n/a through 1.2.6.
CVE-2025-49986			2025-06-23	5.3 Medium
Missing Authorization vulnerability in thanhtungtnt Video List Manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Video List Manager: from n/a through 1.7.
CVE-2025-52802			2025-06-23	7.5 High
Missing Authorization vulnerability in enguerranws Import YouTube videos as WP Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Import YouTube videos as WP Posts: from n/a through 2.1.
CVE-2025-49991			2025-06-23	5.3 Medium
Missing Authorization vulnerability in tggfref WP-Recall allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-Recall: from n/a through 16.26.14.
CVE-2025-49997			2025-06-23	5.3 Medium
Missing Authorization vulnerability in Syed Balkhi Giveaways and Contests by RafflePress allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Giveaways and Contests by RafflePress: from n/a through 1.12.17.
CVE-2025-49989			2025-06-23	5.3 Medium
Missing Authorization vulnerability in App Cheap App Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects App Builder: from n/a through 5.5.3.
CVE-2025-49988			2025-06-23	5.3 Medium
Missing Authorization vulnerability in Renzo Contact Form 7 AWeber Extension allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Contact Form 7 AWeber Extension: from n/a through 0.1.38.
CVE-2025-50010			2025-06-23	5.4 Medium
Missing Authorization vulnerability in Zapier Zapier for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zapier for WordPress: from n/a through 1.5.2.
CVE-2025-49987			2025-06-23	5.3 Medium
Missing Authorization vulnerability in WPFactory CRM ERP Business Solution allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CRM ERP Business Solution: from n/a through 1.13.
CVE-2025-49998			2025-06-23	5.4 Medium
Missing Authorization vulnerability in Wetail WooCommerce Fortnox Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Fortnox Integration: from n/a through 4.5.5.

« first previous Page 188 of 493. next last »