Search

Expected end of text, found '.' (at char 8), (line:1, col:9)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (337974 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-32377 2026-03-13 N/A
Missing Authorization vulnerability in raratheme Pranayama Yoga pranayama-yoga allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pranayama Yoga: from n/a through <= 1.2.2.
CVE-2026-32376 2026-03-13 N/A
Missing Authorization vulnerability in raratheme Kalon kalon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalon: from n/a through <= 1.2.9.
CVE-2026-32375 2026-03-13 N/A
Missing Authorization vulnerability in raratheme Travel Diaries travel-diaries allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Diaries: from n/a through <= 1.2.4.
CVE-2026-32374 2026-03-13 N/A
Missing Authorization vulnerability in raratheme The Minimal the-minimal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Minimal: from n/a through <= 1.2.9.
CVE-2026-32373 2026-03-13 N/A
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through <= 3.9.0.
CVE-2026-32372 2026-03-13 N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder allows Retrieve Embedded Sensitive Data.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through <= 3.2.4.
CVE-2026-32371 2026-03-13 N/A
Missing Authorization vulnerability in raratheme Elegant Pink elegant-pink allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elegant Pink: from n/a through <= 1.3.3.
CVE-2026-32370 2026-03-13 N/A
Missing Authorization vulnerability in raratheme Influencer influencer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Influencer: from n/a through <= 1.1.7.
CVE-2026-32369 2026-03-13 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion.This issue affects Medilink-Core: from n/a through < 2.0.7.
CVE-2026-32368 2026-03-13 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through <= 1.0.19.
CVE-2026-32367 2026-03-13 N/A
Improper Control of Generation of Code ('Code Injection') vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through <= 3.5.16.
CVE-2026-32366 2026-03-13 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in robfelty Collapsing Categories collapsing-categories allows Blind SQL Injection.This issue affects Collapsing Categories: from n/a through <= 3.0.9.
CVE-2026-32365 2026-03-13 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in robfelty Collapsing Archives collapsing-archives allows Blind SQL Injection.This issue affects Collapsing Archives: from n/a through <= 3.0.7.
CVE-2026-32364 2026-03-13 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in redqteam Turbo Manager turbo-manager allows PHP Local File Inclusion.This issue affects Turbo Manager: from n/a through < 4.0.8.
CVE-2026-32363 2026-03-13 N/A
Missing Authorization vulnerability in Funlus Oy WPLifeCycle free-php-version-info allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLifeCycle: from n/a through <= 3.3.1.
CVE-2026-32362 2026-03-13 N/A
Missing Authorization vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.1.3.
CVE-2026-32361 2026-03-13 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marketing Fire Editorial Calendar editorial-calendar allows DOM-Based XSS.This issue affects Editorial Calendar: from n/a through <= 3.9.0.
CVE-2026-32360 2026-03-13 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in richplugins Rich Showcase for Google Reviews widget-google-reviews allows Stored XSS.This issue affects Rich Showcase for Google Reviews: from n/a through <= 6.9.4.3.
CVE-2026-32359 2026-03-13 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Icon List Block icon-list-block allows Stored XSS.This issue affects Icon List Block: from n/a through <= 1.2.3.
CVE-2026-32358 2026-03-13 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevelop Booking Calendar booking allows Blind SQL Injection.This issue affects Booking Calendar: from n/a through <= 10.14.15.