Search

Expected end of text, found '.' (at char 14), (line:1, col:15)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341846 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-32254 1 Iqonic 1 Wpbookit 2026-04-01 5.3 Medium
Missing Authorization vulnerability in Iqonic Design WPBookit wpbookit allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPBookit: from n/a through <= 1.0.7.
CVE-2025-32253 2026-04-01 N/A
Missing Authorization vulnerability in ComMotion Course Booking System course-booking-system allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Course Booking System: from n/a through <= 6.1.
CVE-2025-32252 2026-04-01 N/A
Missing Authorization vulnerability in Black and White WP Genealogy – Your Family History Website wpgenealogy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Genealogy – Your Family History Website: from n/a through <= 0.1.9.
CVE-2025-32251 2026-04-01 N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in J. Tyler Wiest Jetpack Feedback Exporter jetpack-feedback-exporter allows Retrieve Embedded Sensitive Data.This issue affects Jetpack Feedback Exporter: from n/a through <= 1.23.
CVE-2025-32250 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in rollbar Rollbar rollbar allows Cross Site Request Forgery.This issue affects Rollbar: from n/a through <= 2.7.1.
CVE-2025-32249 2 Designinvento, Wordpress 2 Directorypress, Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Designinvento DirectoryPress directorypress allows Cross Site Request Forgery.This issue affects DirectoryPress: from n/a through <= 3.6.22.
CVE-2025-32248 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in SwiftXR SwiftXR (3D/AR/VR) Viewer swiftxr-3darvr-viewer allows Cross Site Request Forgery.This issue affects SwiftXR (3D/AR/VR) Viewer: from n/a through <= 1.0.7.
CVE-2025-32247 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in ABCdatos AI Content Creator ai-content-creator allows Cross Site Request Forgery.This issue affects AI Content Creator: from n/a through <= 1.2.6.
CVE-2025-32246 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Tim Nguyen 1-Click Backup &amp; Restore Database 1-click-backup-restore-database-by-sunbytes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 1-Click Backup &amp; Restore Database: from n/a through <= 1.0.3.
CVE-2025-32245 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Chaser324 Featured Posts Scroll featured-posts-scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through <= 1.25.
CVE-2025-32244 2026-04-01 N/A
Missing Authorization vulnerability in QuantumCloud SEO Help seo-help allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEO Help: from n/a through <= 6.7.9.
CVE-2025-32243 2026-04-01 N/A
Missing Authorization vulnerability in Toast Plugins Internal Link Optimiser internal-link-finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Internal Link Optimiser: from n/a through <= 5.1.2.
CVE-2025-32242 2026-04-01 N/A
Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hive Support: from n/a through <= 1.2.5.
CVE-2025-32241 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in CleverReach® Official CleverReach Plugin for WooCommerce cleverreach-wc allows Cross Site Request Forgery.This issue affects Official CleverReach Plugin for WooCommerce: from n/a through <= 3.4.6.
CVE-2025-32240 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in wpvsingh Site Notify site-notify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Notify: from n/a through <= 1.0.
CVE-2025-32239 2026-04-01 N/A
Missing Authorization vulnerability in Joao Romao Social Share Buttons & Analytics Plugin – GetSocial.io wp-share-buttons-analytics-by-getsocial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Share Buttons & Analytics Plugin – GetSocial.io: from n/a through <= 4.5.
CVE-2025-32238 1 Vcita 1 Online Booking \& Scheduling Calendar 2026-04-01 N/A
Generation of Error Message Containing Sensitive Information vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Retrieve Embedded Sensitive Data.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through <= 4.5.5.
CVE-2025-32237 2026-04-01 N/A
Missing Authorization vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MasterStudy LMS: from n/a through <= 3.5.28.
CVE-2025-32236 2026-04-01 N/A
Missing Authorization vulnerability in Vagonic Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic vagonic-sortable.This issue affects Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic: from n/a through <= 1.9.
CVE-2025-32235 2026-04-01 N/A
Missing Authorization vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through <= 5.9.4.