Export limit exceeded: 360633 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 360633 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360633 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-60175 | 2 Vynnus, Wordpress | 2 Popad, Wordpress | 2026-06-23 | 4.4 Medium |
| Administrator Server Side Request Forgery (SSRF) in PopAd <= 1.0.4 versions. | ||||
| CVE-2025-68049 | 2 Bunny.net, Wordpress | 2 Bunny.net, Wordpress | 2026-06-23 | 6.3 Medium |
| Subscriber Broken Access Control in bunny.net <= 2.3.6 versions. | ||||
| CVE-2025-68840 | 2 Markbeljaars, Wordpress | 2 Irobots.txt Seo, Wordpress | 2026-06-23 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in iRobots.txt SEO <= 1.1.2 versions. | ||||
| CVE-2025-68851 | 2 Arrayhq, Wordpress | 2 Okay Toolkit, Wordpress | 2026-06-23 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Okay Toolkit <= 2.3 versions. | ||||
| CVE-2025-68872 | 2 Eli, Wordpress | 2 Eli's Wordcents Adsense Widget With Analytics, Wordpress | 2026-06-23 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Eli's WordCents adSense Widget with Analytics <= 1.3.03.27 versions. | ||||
| CVE-2025-69332 | 2 Mycred, Wordpress | 2 Bookify, Wordpress | 2026-06-23 | 6.5 Medium |
| Subscriber Broken Access Control in Bookify <= 1.1.1 versions. | ||||
| CVE-2026-25425 | 2 Themegrill, Wordpress | 2 User Registration, Wordpress | 2026-06-23 | 7.5 High |
| Unauthenticated Broken Access Control in User Registration <= 5.1.2 versions. | ||||
| CVE-2026-34898 | 2 Wordpress, Wp Swings | 2 Wordpress, Event Tickets Manager For Woocommerce | 2026-06-23 | 7.5 High |
| Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce <= 1.5.3 versions. | ||||
| CVE-2026-34901 | 2 Paul, Wordpress | 2 Icontrolwp, Wordpress | 2026-06-23 | 9.8 Critical |
| Unauthenticated Privilege Escalation in iControlWP <= 5.5.3 versions. | ||||
| CVE-2026-39441 | 2 Naked Cat Plugins (by Webdados), Wordpress | 2 Feed Kuantokusta For Woocommerce – Free, Wordpress | 2026-06-23 | 9.3 Critical |
| Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free <= 5.3 versions. | ||||
| CVE-2026-39468 | 2 Elightup, Wordpress | 2 Meta Box – Wordpress Custom Fields Framework, Wordpress | 2026-06-23 | 6.8 Medium |
| Contributor Arbitrary File Deletion in Meta Box – WordPress Custom Fields Framework <= 5.11.1 versions. | ||||
| CVE-2026-39492 | 2 Flipper Code – Wordpress Development Company, Wordpress | 2 Wp Maps, Wordpress | 2026-06-23 | 9.3 Critical |
| Unauthenticated SQL Injection in WP Maps <= 4.9.1 versions. | ||||
| CVE-2026-39498 | 2 Wordpress, Yeeaddons | 2 Wordpress, Yaymail | 2026-06-23 | 7.2 High |
| Shop manager PHP Object Injection in YayMail <= 4.3.3 versions. | ||||
| CVE-2026-39507 | 2 Themeisle, Wordpress | 2 Social Slider Feed, Wordpress | 2026-06-23 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Social Slider Feed <= 2.3.2 versions. | ||||
| CVE-2026-39511 | 2 Jacob N. Breetvelt, Wordpress | 2 Wp Photo Album Plus, Wordpress | 2026-06-23 | 9.3 Critical |
| Unauthenticated SQL Injection in WP Photo Album Plus <= 9.1.08.001 versions. | ||||
| CVE-2026-39519 | 2 Ahmad, Wordpress | 2 Geekybot, Wordpress | 2026-06-23 | 9.3 Critical |
| Unauthenticated SQL Injection in GeekyBot <= 1.2.0 versions. | ||||
| CVE-2026-39525 | 2 Booking Activities Team, Wordpress | 2 Booking Activities, Wordpress | 2026-06-23 | 6.5 Medium |
| Unauthenticated Broken Access Control in Booking Activities <= 1.16.48.1 versions. | ||||
| CVE-2026-39527 | 2 Sc Internet Vivoo, Wordpress | 2 Wpstream, Wordpress | 2026-06-23 | 5.4 Medium |
| Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions. | ||||
| CVE-2026-39530 | 2 Speakout!, Wordpress | 2 Speakout! Email Petitions, Wordpress | 2026-06-23 | 9.3 Critical |
| Unauthenticated SQL Injection in SpeakOut! Email Petitions <= 4.6.5 versions. | ||||
| CVE-2026-39540 | 2 Amit Mittal, Wordpress | 2 Shipment Tracker For Woocommerce, Wordpress | 2026-06-23 | 6.5 Medium |
| Subscriber Cross Site Scripting (XSS) in Shipment Tracker for Woocommerce <= 1.5.3.2 versions. | ||||