Search

Expected end of text, found '.' (at char 13), (line:1, col:14)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (355047 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-52766 2 Printeers, Wordpress 2 Printeers Print & Ship, Wordpress 2026-06-02 6.5 Medium
Missing Authorization vulnerability in Printeers Printeers Print & Ship allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Printeers Print & Ship: from n/a through 1.17.0.
CVE-2025-53209 2 Themeisle, Wordpress 2 Masteriyo Lms Pro, Wordpress 2026-06-02 9.8 Critical
Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation. This issue affects Masteriyo LMS PRO: from n/a through 2.20.0.
CVE-2025-53302 2 Anton Shevchuk, Wordpress 2 Constructor, Wordpress 2026-06-02 5.3 Medium
Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5.
CVE-2025-53345 2 Thimpress, Wordpress 2 Thim Core, Wordpress 2026-06-02 8.8 High
Missing Authorization vulnerability leading to code execution after installing malicious vulnerable plugin in ThimPress Thim Core. This issue affects Thim Core: from n/a through 2.3.3.
CVE-2025-53346 2 Thimpress, Wordpress 2 Thim Core, Wordpress 2026-06-02 4.3 Medium
Missing Authorization vulnerability in ThimPress Thim Core allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thim Core: from n/a through 2.3.3.
CVE-2025-53440 2 Axiomthemes, Wordpress 2 Confidant, Wordpress 2026-06-02 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Confidant allows PHP Local File Inclusion. This issue affects Confidant: from n/a through 1.4.
CVE-2025-58024 2 Unboundstudio, Wordpress 2 Accordion Faq, Wordpress 2026-06-02 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in UnboundStudio Accordion FAQ allows PHP Local File Inclusion. This issue affects Accordion FAQ: from n/a through 2.2.1.
CVE-2025-58705 2 Axiomthemes, Wordpress 2 Crafti, Wordpress 2026-06-02 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Crafti allows PHP Local File Inclusion. This issue affects Crafti: from n/a through 1.12.
CVE-2026-42670 2 Etoile Web Design Incorporated, Wordpress 2 Five Star Restaurant Reservations, Wordpress 2026-06-02 7.5 High
Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14.
CVE-2026-42684 2 Ahmad, Wordpress 2 Wp Job Portal, Wordpress 2026-06-02 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ahmad WP Job Portal allows Blind SQL Injection. This issue affects WP Job Portal: from n/a through 2.5.1.
CVE-2026-42685 2 Ahmad, Wordpress 2 Wp Job Portal, Wordpress 2026-06-02 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ahmad WP Job Portal allows Reflected XSS. This issue affects WP Job Portal: from n/a through 2.5.1.
CVE-2026-39550 2 Elated-themes, Wordpress 2 Aperitif, Wordpress 2026-06-02 8.1 High
Deserialization of Untrusted Data vulnerability in Elated-Themes Aperitif allows Object Injection. This issue affects Aperitif: from n/a through 1.6.
CVE-2026-39551 2 Elated-themes, Wordpress 2 Töbel, Wordpress 2026-06-02 8.1 High
Deserialization of Untrusted Data vulnerability in Elated-Themes Töbel allows Object Injection. This issue affects Töbel: from n/a through 1.8.1.
CVE-2026-8993 1 Ditec 1 D.launcher 2 2026-06-02 6.5 Medium
D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF (Server Side Request Forgery) attacks. User interaction is required as potential victim needs to open a specially crafted URL.
CVE-2026-39552 2 Code Supply Co., Wordpress 2 Blueprint, Wordpress 2026-06-02 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Code Supply Co. Blueprint allows PHP Local File Inclusion. This issue affects Blueprint: from n/a before 1.1.5.
CVE-2026-39553 2 Select-themes, Wordpress 2 Waveride, Wordpress 2026-06-02 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes WaveRide allows PHP Local File Inclusion. This issue affects WaveRide: from n/a through 1.4.
CVE-2026-9844 1 Roche Diagnostics 1 Navify Digital Pathology 2026-06-02 N/A
Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1.
CVE-2019-25717 1 Draeger 2 Infinity Delta, Infinity Kappa 2026-06-02 4.3 Medium
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration details from the exposed log files.
CVE-2025-58707 2 Axiomthemes, Wordpress 2 Spin, Wordpress 2026-06-02 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8.
CVE-2025-58897 2 Axiomthemes, Wordpress 2 Fermentio, Wordpress 2026-06-02 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Fermentio allows PHP Local File Inclusion. This issue affects Fermentio: from n/a through 1.5.0.