Primo 5.0-1 Sc CVEs and Security Vulnerabilities

Search

Expected end of text, found '.' (at char 34), (line:1, col:35)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341935 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-24550	1 Wordpress	1 Wordpress	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kaira Blockons blockons allows Stored XSS.This issue affects Blockons: from n/a through <= 1.2.19.
CVE-2026-24548	1 Wordpress	1 Wordpress	2026-04-01	5.3 Medium
Server-Side Request Forgery (SSRF) vulnerability in princeahmed Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through <= 2.0.91.
CVE-2026-24540	2 Prince, Wordpress	2 Integrate Google Drive, Wordpress	2026-04-01	5.4 Medium
Missing Authorization vulnerability in princeahmed Integrate Google Drive integrate-google-drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through <= 1.5.6.
CVE-2026-24538	2 Omnipressteam, Wordpress	2 Omnipress, Wordpress	2026-04-01	7.6 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in omnipressteam Omnipress omnipress allows PHP Local File Inclusion.This issue affects Omnipress: from n/a through <= 1.6.7.
CVE-2026-24530	1 Wordpress	1 Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in sheepfish WebP Conversion webp-conversion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebP Conversion: from n/a through <= 2.2.
CVE-2026-24524	1 Wordpress	1 Wordpress	2026-04-01	8.1 High
Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.2.6.
CVE-2026-23548	2 Designinvento, Wordpress	2 Directorypress, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through <= 3.6.25.
CVE-2026-22479	2 Themeruby, Wordpress	2 Easy Post Submission, Wordpress	2026-04-01	7.5 High
Missing Authorization vulnerability in ThemeRuby Easy Post Submission easy-post-submission allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Post Submission: from n/a through <= 2.4.0.
CVE-2026-22460	2 Wordpress, Wpwax	2 Wordpress, Formgent	2026-04-01	8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpWax FormGent formgent allows Path Traversal.This issue affects FormGent: from n/a through <= 1.5.6.
CVE-2026-22459	2 Blend Media, Wordpress	2 Wordpress Cta, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Blend Media WordPress CTA easy-sticky-sidebar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress CTA: from n/a through <= 2.1.2.
CVE-2026-22451	2 Ancorathemes, Wordpress	2 Handyman, Wordpress	2026-04-01	9.8 Critical
Deserialization of Untrusted Data vulnerability in AncoraThemes Handyman handyman-services allows Object Injection.This issue affects Handyman: from n/a through <= 1.4.7.
CVE-2026-22445	1 Wordpress	1 Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Proptech Plugin Apimo Connector apimo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Apimo Connector: from n/a through <= 2.6.5.1.
CVE-2026-22416	2 Ancorathemes, Wordpress	2 Fixteam, Wordpress	2026-04-01	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes FixTeam fixteam allows PHP Local File Inclusion.This issue affects FixTeam: from n/a through <= 1.5.0.
CVE-2026-22357	2 Spencer Haws, Wordpress	2 Link Whisper Free, Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through <= 0.9.2.
CVE-2025-69405	2 Themerex, Wordpress	2 Lorem Ipsum \| Books & Media Store, Wordpress	2026-04-01	9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Lorem Ipsum \| Books & Media Store lorem-ipsum-books-media-store allows Object Injection.This issue affects Lorem Ipsum \| Books & Media Store: from n/a through <= 1.2.11.
CVE-2025-69404	2 Themerex, Wordpress	2 Extreme Store, Wordpress	2026-04-01	9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Extreme Store extremestore allows Object Injection.This issue affects Extreme Store: from n/a through <= 1.5.10.
CVE-2025-69403	2 Bravis-themes, Wordpress	2 Bravis Addons, Wordpress	2026-04-01	9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Bravis-Themes Bravis Addons bravis-addons allows Using Malicious Files.This issue affects Bravis Addons: from n/a through <= 1.3.0.
CVE-2025-69394	2 Cnvrse, Wordpress	2 Cnvrse, Wordpress	2026-04-01	7.5 High
Authorization Bypass Through User-Controlled Key vulnerability in cnvrse Cnvrse cnvrse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cnvrse: from n/a through < 026.02.10.20.
CVE-2025-69026	1 Wordpress	1 Wordpress	2026-04-01	4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roxnor PopupKit popup-builder-block allows Retrieve Embedded Sensitive Data.This issue affects PopupKit: from n/a through <= 2.2.4.
CVE-2025-69025	3 Aethonic, Woocommerce, Wordpress	3 Poptics, Woocommerce, Wordpress	2026-04-01	4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Aethonic Poptics poptics allows Retrieve Embedded Sensitive Data.This issue affects Poptics: from n/a through <= 1.0.20.

« first previous Page 406 of 17097. next last »