CVEs and Security Vulnerabilities

Export limit exceeded: 76324 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (76324 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-60196	1 Wordpress	1 Wordpress	2026-01-20	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Clearblue Clearblue® Ovulation Calculator clearblue-ovulation-calculator allows PHP Local File Inclusion.This issue affects Clearblue® Ovulation Calculator: from n/a through <= 1.2.4.
CVE-2025-60194	2 Premmerce, Wordpress	2 Product Search For Woocommerce, Wordpress	2026-01-20	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Product Search for WooCommerce premmerce-search allows PHP Local File Inclusion.This issue affects Premmerce Product Search for WooCommerce: from n/a through <= 2.2.4.
CVE-2025-60193	2 Premmerce, Wordpress	2 User Roles, Wordpress	2026-01-20	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce User Roles premmerce-user-roles allows PHP Local File Inclusion.This issue affects Premmerce User Roles: from n/a through <= 1.0.13.
CVE-2025-60192	2 Premmerce, Wordpress	2 Wholesale Pricing For Woocommerce, Wordpress	2026-01-20	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows PHP Local File Inclusion.This issue affects Premmerce Wholesale Pricing for WooCommerce: from n/a through <= 1.1.10.
CVE-2025-60191	3 Premmerce, Woocommerce, Wordpress	3 Wishlist For Woocommerce, Woocommerce, Wordpress	2026-01-20	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wishlist for WooCommerce premmerce-woocommerce-wishlist allows PHP Local File Inclusion.This issue affects Premmerce Wishlist for WooCommerce: from n/a through <= 1.1.10.
CVE-2025-60190	2 Hinnerk Altenburg, Wordpress	2 Immocaster Wordpress Plugin, Wordpress	2026-01-20	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Hinnerk Altenburg Immocaster WordPress Plugin immocaster allows PHP Local File Inclusion.This issue affects Immocaster WordPress Plugin: from n/a through <= 1.3.6.
CVE-2025-60189	3 Polopag, Woocommerce, Wordpress	3 Polopag, Woocommerce, Wordpress	2026-01-20	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PoloPag PoloPag – Pix Automático para Woocommerce wc-polo-payments allows PHP Local File Inclusion.This issue affects PoloPag – Pix Automático para Woocommerce: from n/a through <= 2.0.9.
CVE-2025-60188	2 Atarim, Wordpress	2 Atarim, Wordpress	2026-01-20	7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through <= 4.2.
CVE-2025-60182	2 Schiocco, Wordpress	2 Support Board, Wordpress	2026-01-20	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board supportboard allows Reflected XSS.This issue affects Support Board: from n/a through < 3.8.7.
CVE-2025-60168	1 Wordpress	1 Wordpress	2026-01-20	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in integrationshotelrunner HotelRunner Booking Widget hotelrunner allows Stored XSS.This issue affects HotelRunner Booking Widget: from n/a through <= 1.6.
CVE-2025-60086	2 Matt, Wordpress	2 Wp Voting Contest, Wordpress	2026-01-20	7.5 High
Missing Authorization vulnerability in Matt WP Voting Contest wp-voting-contest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Voting Contest: from n/a through <= 5.8.
CVE-2025-39849	2 Debian, Linux	2 Debian Linux, Linux Kernel	2026-01-20	7.8 High
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would lead to memory corruption so add some bounds checking.
CVE-2025-60083	3 Add-ons.org, Woocommerce, Wordpress	3 Pdf Invoice Builder For Woocommerce, Woocommerce, Wordpress	2026-01-20	8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Object Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through <= 6.3.2.
CVE-2025-60082	2 Add-ons.org, Wordpress	2 Pdf For Wpforms, Wordpress	2026-01-20	8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Object Injection.This issue affects PDF for WPForms: from n/a through <= 6.3.1.
CVE-2025-60081	1 Wordpress	1 Wordpress	2026-01-20	8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Contact Form 7 pdf-for-contact-form-7 allows Object Injection.This issue affects PDF for Contact Form 7: from n/a through <= 6.3.4.
CVE-2025-60080	1 Wordpress	1 Wordpress	2026-01-20	7.5 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Gravity Forms + Drag And Drop Template Builder pdf-for-gravity-forms allows Object Injection.This issue affects PDF for Gravity Forms + Drag And Drop Template Builder: from n/a through <= 6.3.0.
CVE-2025-60079	1 Wordpress	1 Wordpress	2026-01-20	7.1 High
Missing Authorization vulnerability in bPlugins Parallax Section block parallax-section allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Parallax Section block: from n/a through <= 1.0.9.
CVE-2025-60078	1 Wordpress	1 Wordpress	2026-01-20	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Agence web Eoxia - Montpellier Task Manager task-manager allows PHP Local File Inclusion.This issue affects Task Manager: from n/a through <= 3.0.2.
CVE-2025-60077	1 Wordpress	1 Wordpress	2026-01-20	7.5 High
Missing Authorization vulnerability in YayCommerce YayPricing yaypricing allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects YayPricing: from n/a through <= 3.5.3.
CVE-2025-60074	1 Wordpress	1 Wordpress	2026-01-20	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Processby Lazy Load Optimizer lazy-load-optimizer allows PHP Local File Inclusion.This issue affects Lazy Load Optimizer: from n/a through <= 1.4.7.

« first previous Page 441 of 3817. next last »