Cms.brdconcept CVEs and Security Vulnerabilities

Search

Expected end of text, found '.' (at char 10), (line:1, col:11)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341845 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-26963	1 Flowdee	1 Clickwhale	2026-04-01	8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in ClickWhale ClickWhale clickwhale allows Cross Site Request Forgery.This issue affects ClickWhale: from n/a through <= 2.4.3.
CVE-2025-26962			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Easy Contact Form Lite contact-form-lite allows Stored XSS.This issue affects Easy Contact Form Lite : from n/a through <= 1.1.25.
CVE-2025-26961	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in FRESHFACE Fresh Framework fresh-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Fresh Framework: from n/a through <= 1.70.0.
CVE-2025-26960			2026-04-01	N/A
Missing Authorization vulnerability in enituretechnology Small Package Quotes – Unishippers Edition small-package-quotes-unishippers-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Small Package Quotes – Unishippers Edition: from n/a through <= 2.4.9.
CVE-2025-26959			2026-04-01	N/A
Missing Authorization vulnerability in Quý Lê 91 Administrator Z administrator-z allows Privilege Escalation.This issue affects Administrator Z: from n/a through <= 2025.03.24.
CVE-2025-26958	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through <= 2.4.3.
CVE-2025-26957	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Deetronix Affiliate Coupons affiliate-coupons allows PHP Local File Inclusion.This issue affects Affiliate Coupons: from n/a through <= 1.7.3.
CVE-2025-26956	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in shinetheme Traveler traveler.This issue affects Traveler: from n/a through < 3.2.1.
CVE-2025-26955			2026-04-01	N/A
Missing Authorization vulnerability in vowelweb Industrial Lite industrial-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Industrial Lite: from n/a through <= 1.0.8.
CVE-2025-26954			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 1pluginjquery ZooEffect 1-jquery-photo-gallery-slideshow-flash allows Reflected XSS.This issue affects ZooEffect: from n/a through <= 1.11.
CVE-2025-26953	1 Wordpress	1 Wordpress	2026-04-01	N/A
Missing Authorization vulnerability in Crocoblock JetMenu jet-menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetMenu: from n/a through <= 2.4.9.
CVE-2025-26952			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Business Card Block business-card-block allows Stored XSS.This issue affects Business Card Block: from n/a through <= 1.0.5.
CVE-2025-26951	2 Covertnine, Wordpress	2 C9 Blocks, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in covertnine C9 Blocks c9-blocks allows DOM-Based XSS.This issue affects C9 Blocks: from n/a through <= 1.7.7.
CVE-2025-26950			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AddonsPress Nepali Date Converter nepali-date-converter allows Stored XSS.This issue affects Nepali Date Converter: from n/a through <= 2.0.8.
CVE-2025-26949			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Team Section Block team-section allows Stored XSS.This issue affects Team Section Block: from n/a through <= 1.0.9.
CVE-2025-26947			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Services Section block services-section allows Stored XSS.This issue affects Services Section block: from n/a through <= 1.3.4.
CVE-2025-26946			2026-04-01	N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jgwhite33 WP Yelp Review Slider wp-yelp-review-slider allows Blind SQL Injection.This issue affects WP Yelp Review Slider: from n/a through <= 8.1.
CVE-2025-26945			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Info Cards info-cards allows Stored XSS.This issue affects Info Cards: from n/a through <= 1.0.5.
CVE-2025-26944			2026-04-01	N/A
Missing Authorization vulnerability in Crocoblock JetPopup jet-popup allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetPopup: from n/a through <= 2.0.11.
CVE-2025-26943	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jürgen Müller Easy Quotes easy-quotes allows Blind SQL Injection.This issue affects Easy Quotes: from n/a through <= 1.2.2.

« first previous Page 214 of 17093. next last »