Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11174 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-22446 2 Select-themes, Wordpress 2 Prowess, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 1.8.1.
CVE-2026-22442 2 Launchandsell, Wordpress 2 Tribe, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LaunchandSell Tribe tribe allows PHP Local File Inclusion.This issue affects Tribe: from n/a through <= 1.7.3.
CVE-2026-22440 2 Foreverpinetree, Wordpress 2 Thecs, Wordpress 2026-03-09 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree Thecs thecs allows Reflected XSS.This issue affects Thecs: from n/a through <= 1.4.7.
CVE-2026-22438 2 Foreverpinetree, Wordpress 2 Thebi, Wordpress 2026-03-09 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree TheBi thebi allows Reflected XSS.This issue affects TheBi: from n/a through <= 1.0.5.
CVE-2026-22436 2 Elated-themes, Wordpress 2 Helvig, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Helvig helvig allows PHP Local File Inclusion.This issue affects Helvig: from n/a through <= 1.0.
CVE-2026-22434 2 Ancorathemes, Wordpress 2 Crown Art, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Crown Art crown-art allows PHP Local File Inclusion.This issue affects Crown Art: from n/a through <= 1.2.11.
CVE-2026-22432 2 Ancorathemes, Wordpress 2 Woopy, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Woopy woopy allows PHP Local File Inclusion.This issue affects Woopy: from n/a through <= 1.2.
CVE-2026-22429 2 Mikado-themes, Wordpress 2 Verdure, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Verdure verdure allows PHP Local File Inclusion.This issue affects Verdure: from n/a through <= 1.6.
CVE-2026-22427 2 Mikado-themes, Wordpress 2 Gotravel, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes GoTravel gotravel allows PHP Local File Inclusion.This issue affects GoTravel: from n/a through <= 2.1.
CVE-2026-22424 2 Ancorathemes, Wordpress 2 Shaha, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Shaha shaha allows PHP Local File Inclusion.This issue affects Shaha: from n/a through <= 1.1.2.
CVE-2026-22421 2 Ancorathemes, Wordpress 2 Quantum, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Quantum quantum allows PHP Local File Inclusion.This issue affects Quantum: from n/a through <= 1.0.
CVE-2026-22419 2 Ancorathemes, Wordpress 2 Honor, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Honor honor allows PHP Local File Inclusion.This issue affects Honor: from n/a through <= 2.3.
CVE-2026-22417 2 Themegoods, Wordpress 2 Grand Wedding, Wordpress 2026-03-09 8.1 High
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Wedding grandwedding allows Object Injection.This issue affects Grand Wedding: from n/a through <= 3.1.0.
CVE-2026-22415 2 Ancorathemes, Wordpress 2 The Mounty, Wordpress 2026-03-09 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes The Mounty the-mounty allows PHP Local File Inclusion.This issue affects The Mounty: from n/a through <= 1.1.
CVE-2026-27411 2 Jp-secure, Wordpress 2 Siteguard Wp Plugin, Wordpress 2026-03-09 5.3 Medium
Guessable CAPTCHA vulnerability in jp-secure SiteGuard WP Plugin siteguard allows Functionality Bypass.This issue affects SiteGuard WP Plugin: from n/a through <= 1.7.9.
CVE-2026-27396 2 E-plugins, Wordpress 2 Directory Pro, Wordpress 2026-03-09 7.3 High
Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through <= 2.5.6.
CVE-2026-27389 2 Designthemes, Wordpress 2 Wedesigntech Ultimate Booking Addon, Wordpress 2026-03-09 9.8 Critical
Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through <= 1.0.1.
CVE-2026-27386 2 Designthemes, Wordpress 2 Designthemes Directory Addon, Wordpress 2026-03-09 7.5 High
Missing Authorization vulnerability in designthemes DesignThemes Directory Addon designthemes-directory-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Directory Addon: from n/a through <= 1.8.
CVE-2026-27384 2 Boldgrid, Wordpress 2 W3 Total Cache, Wordpress 2026-03-09 9 Critical
Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through <= 2.9.1.
CVE-2026-27382 2 Radiustheme, Wordpress 2 Metro, Wordpress 2026-03-09 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Metro metro allows DOM-Based XSS.This issue affects Metro: from n/a through <= 2.13.