Search

Expected end of text, found '.' (at char 32), (line:1, col:33)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (361357 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-48969 2 Really-simple-plugins, Wordpress 2 Really Simple Ssl, Wordpress 2026-06-26 6.5 Medium
Subscriber Broken Access Control in Really Simple SSL <= 9.5.9 versions.
CVE-2025-64215 2 Stylemixthemes, Wordpress 2 Masterstudy Lms, Wordpress 2026-06-26 6.5 Medium
Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects MasterStudy LMS Pro: from n/a before 4.7.16.
CVE-2023-4727 1 Redhat 6 Certificate System Eus, Enterprise Linux, Rhel Aus and 3 more 2026-06-26 7.5 High
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.
CVE-2026-9691 2 Crm Perks, Wordpress 2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress 2026-06-26 9.8 Critical
Unauthenticated PHP Object Injection in Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 versions.
CVE-2026-24637 2 Blubrry, Wordpress 2 Powerpress Podcasting, Wordpress 2026-06-26 8.5 High
Contributor SQL Injection in PowerPress Podcasting <= 11.15.10 versions.
CVE-2026-27053 2 Videowhisper, Wordpress 2 Broadcast Live Video, Wordpress 2026-06-26 9.8 Critical
Unauthenticated PHP Object Injection in Broadcast Live Video < 7.1.3 versions.
CVE-2026-27407 2 Meowapps, Wordpress 2 Ai Engine, Wordpress 2026-06-26 7.2 High
Editor Privilege Escalation in AI Engine <= 3.4.9 versions.
CVE-2026-39450 2 Funnelkit, Wordpress 2 Funnelkit Automations, Wordpress 2026-06-26 7.1 High
Subscriber Broken Authentication in FunnelKit Automations <= 3.7.3 versions.
CVE-2026-39515 2 Stylemix, Wordpress 2 Motors, Wordpress 2026-06-26 6.5 Medium
Subscriber Broken Access Control in Motors < 1.4.107 versions.
CVE-2026-39518 2 Theeventprime, Wordpress 2 Eventprime, Wordpress 2026-06-26 7.1 High
Subscriber Insecure Direct Object References (IDOR) in EventPrime <= 4.3.0.0 versions.
CVE-2026-39524 2 Themegrill, Wordpress 2 Masteriyo, Wordpress 2026-06-26 7.5 High
Unauthenticated Broken Access Control in Masteriyo - LMS <= 2.1.5 versions.
CVE-2026-39532 2 Stiofansisland, Wordpress 2 Events Calendar For Geodirectory, Wordpress 2026-06-26 8.8 High
Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions.
CVE-2026-39534 2 Wordpress, Wpdirectorykit 2 Wordpress, Wp Directory Kit 2026-06-26 7.5 High
Unauthenticated Broken Access Control in WP Directory Kit <= 1.5.0 versions.
CVE-2026-39583 2 Datalogics Ecommerce Delivery, Wordpress 2 Datalogics Ecommerce Delivery, Wordpress 2026-06-26 9.8 Critical
Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery <= 2.6.62 versions.
CVE-2026-40773 2 Rtcamp, Wordpress 2 Rtmedia For Wordpress, Buddypress And Bbpress, Wordpress 2026-06-26 6.5 Medium
Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions.
CVE-2026-40779 2 Wordpress, Ylefebvre 2 Wordpress, Link Library 2026-06-26 7.7 High
Contributor Arbitrary File Deletion in Link Library <= 7.8.8 versions.
CVE-2026-40792 2 Iqonic, Wordpress 2 Kivicare, Wordpress 2026-06-26 6.3 Medium
Subscriber Insecure Direct Object References (IDOR) in KiviCare <= 4.2.1 versions.
CVE-2026-40799 2 Replywp, Wordpress 2 Simple Cloudfare Turnstile, Wordpress 2026-06-26 5.8 Medium
Unauthenticated Broken Authentication in Simple Cloudflare Turnstile <= 1.38.0 versions.
CVE-2026-42668 2 Omnisend, Wordpress 2 Email Marketing For Woocommerce, Wordpress 2026-06-26 7.5 High
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend <= 1.18.0 versions.
CVE-2026-42686 2 Theeventprime, Wordpress 2 Eventprime, Wordpress 2026-06-26 7.1 High
Subscriber Cross Site Scripting (XSS) in EventPrime <= 4.3.2.1 versions.