Search

Expected end of text, found ':' (at char 25), (line:1, col:26)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (324642 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-57840 1 Honor 1 Magicos 2025-12-29 2.2 Low
ADB(Android Debug Bridge) is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability.
CVE-2025-68505 2 H5p, Wordpress 2 H5p, Wordpress 2025-12-29 8.8 High
Missing Authorization vulnerability in icc0rz H5P h5p allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects H5P: from n/a through <= 1.16.1.
CVE-2025-68500 2 Bdthemes, Wordpress 2 Prime Slider, Wordpress 2025-12-29 9.1 Critical
Server-Side Request Forgery (SSRF) vulnerability in bdthemes Prime Slider – Addons For Elementor bdthemes-prime-slider-lite allows Server Side Request Forgery.This issue affects Prime Slider – Addons For Elementor: from n/a through <= 4.0.10.
CVE-2025-68508 2 Brave, Wordpress 2 Brave Popup Builder, Wordpress 2025-12-29 9.1 Critical
Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through <= 0.8.3.
CVE-2025-68591 2 Mitchell Bennis, Wordpress 2 Simple File List, Wordpress 2025-12-29 8.1 High
Missing Authorization vulnerability in Mitchell Bennis Simple File List simple-file-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple File List: from n/a through <= 6.1.15.
CVE-2025-68595 2 Trustindex, Wordpress 2 Widgets For Social Photo Feed, Wordpress 2025-12-29 8.8 High
Missing Authorization vulnerability in Trustindex Widgets for Social Photo Feed social-photo-feed-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widgets for Social Photo Feed: from n/a through <= 1.7.7.
CVE-2025-68588 2 Total-soft, Wordpress 2 Ts Poll, Wordpress 2025-12-29 8.1 High
Missing Authorization vulnerability in totalsoft TS Poll poll-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TS Poll: from n/a through <= 2.5.3.
CVE-2025-68597 2 Blueglass, Wordpress 2 Jobs For Wordpress, Wordpress 2025-12-29 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through <= 2.7.17.
CVE-2025-67631 2 Ecommerce Platforms, Wordpress 2 Gift Hunt, Wordpress 2025-12-29 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ecommerce Platforms Gift Hunt gift-hunt allows Stored XSS.This issue affects Gift Hunt: from n/a through <= 2.0.2.
CVE-2025-68580 2 Pluginsware, Wordpress 2 Advanced Classifieds & Directory Pro, Wordpress 2025-12-29 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory Pro advanced-classifieds-and-directory-pro allows Cross Site Request Forgery.This issue affects Advanced Classifieds & Directory Pro: from n/a through <= 3.2.9.
CVE-2025-68586 2 Goratech, Wordpress 2 Cooked, Wordpress 2025-12-29 8.8 High
Missing Authorization vulnerability in Gora Tech Cooked cooked allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cooked: from n/a through <= 1.11.2.
CVE-2025-68528 3 Woocommerce, Wordpress, Wpfactory 3 Woocommerce, Wordpress, Free Shipping Bar 2025-12-29 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce amount-left-free-shipping-woocommerce allows Stored XSS.This issue affects Free Shipping Bar: Amount Left for Free Shipping for WooCommerce: from n/a through <= 2.4.9.
CVE-2025-68516 2 Essekia, Wordpress 2 Tablesome Table, Wordpress 2025-12-29 7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Essekia Tablesome tablesome allows Retrieve Embedded Sensitive Data.This issue affects Tablesome: from n/a through <= 1.1.35.1.
CVE-2025-68511 2 Jegstudio, Wordpress 2 Gutenverse, Wordpress 2025-12-29 9.1 Critical
Missing Authorization vulnerability in Jegstudio Gutenverse Form gutenverse-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse Form: from n/a through <= 2.3.1.
CVE-2025-68582 2 Funnelforms, Wordpress 3 Funnelforms, Funnelforms Free, Wordpress 2025-12-29 8.8 High
Missing Authorization vulnerability in Funnelforms Funnelforms Free funnelforms-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Funnelforms Free: from n/a through <= 3.8.
CVE-2025-68517 2 Essekia, Wordpress 2 Tablesome Table, Wordpress 2025-12-29 8.1 High
Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.35.1.
CVE-2025-68038 2 Icegram, Wordpress 2 Icegram Express, Wordpress 2025-12-29 9.8 Critical
Deserialization of Untrusted Data vulnerability in Icegram Icegram Express Pro email-subscribers-premium allows Object Injection.This issue affects Icegram Express Pro: from n/a through <= 5.9.11.
CVE-2025-68527 2 Kodezen, Wordpress 2 Academy Lms, Wordpress 2025-12-29 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kodezen LLC Academy LMS academy allows Stored XSS.This issue affects Academy LMS: from n/a through <= 3.4.0.
CVE-2025-68568 2 Popup Builder, Wordpress 2 Popup Builder, Wordpress 2025-12-29 7.5 High
Missing Authorization vulnerability in integrationclaspo Popup Builder: Exit-Intent pop-up, Spin the Wheel, Newsletter signup, Email Capture &amp; Lead Generation forms maker claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Builder: Exit-Intent pop-up, Spin the Wheel, Newsletter signup, Email Capture &amp; Lead Generation forms maker: from n/a through <= 1.0.5.
CVE-2025-68596 2 Bitapps, Wordpress 2 Bit Assist, Wordpress 2025-12-29 8.8 High
Missing Authorization vulnerability in Bit Apps Bit Assist bit-assist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bit Assist: from n/a through <= 1.5.11.