Search

Expected end of text, found '.' (at char 30), (line:1, col:31)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (340666 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-27047 2 Mikado-themes, Wordpress 2 Curly, Wordpress 2026-03-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Curly Core curly-core allows PHP Local File Inclusion.This issue affects Curly Core: from n/a through <= 2.1.6.
CVE-2026-27048 2 Elated-themes, Wordpress 2 The Aisle Core, Wordpress 2026-03-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes The Aisle Core theaisle-core allows PHP Local File Inclusion.This issue affects The Aisle Core: from n/a through <= 2.0.5.
CVE-2026-27051 2 Uxper, Wordpress 2 Golo, Wordpress 2026-03-26 N/A
Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through <= 1.7.0.
CVE-2026-27071 2 Arraytics, Wordpress 2 Wpcafe, Wordpress 2026-03-26 N/A
Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through <= 3.0.7.
CVE-2026-27073 2 Addi, Wordpress 2 Addi – Cuotas Que Se Adaptan A Ti, Wordpress 2026-03-26 N/A
Use of Hard-coded Credentials vulnerability in Addi Addi &#8211; Cuotas que se adaptan a ti buy-now-pay-later-addi allows Password Recovery Exploitation.This issue affects Addi &#8211; Cuotas que se adaptan a ti: from n/a through <= 2.0.4.
CVE-2026-27075 2 Mikado-themes, Wordpress 2 Belfort, Wordpress 2026-03-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Belfort belfort allows PHP Local File Inclusion.This issue affects Belfort: from n/a through <= 1.0.
CVE-2026-27077 2 Mikado-themes, Wordpress 2 Multioffice, Wordpress 2026-03-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes MultiOffice multioffice allows PHP Local File Inclusion.This issue affects MultiOffice: from n/a through <= 1.2.
CVE-2026-27079 2 Mikado-themes, Wordpress 2 Amfissa, Wordpress 2026-03-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Amfissa amfissa allows PHP Local File Inclusion.This issue affects Amfissa: from n/a through <= 1.1.
CVE-2026-27081 2 Mikado-themes, Wordpress 2 Rosebud, Wordpress 2026-03-26 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Rosebud rosebud allows PHP Local File Inclusion.This issue affects Rosebud: from n/a through <= 1.4.
CVE-2026-27082 2 Themerex, Wordpress 2 Love Story, Wordpress 2026-03-26 N/A
Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through <= 1.3.12.
CVE-2026-27083 2 Themerex, Wordpress 2 Work & Travel Company, Wordpress 2026-03-26 N/A
Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel-company allows Object Injection.This issue affects Work & Travel Company: from n/a through <= 1.2.
CVE-2026-27095 2 Mage-people, Wordpress 2 Bus Ticket Booking With Seat Reservation, Wordpress 2026-03-26 N/A
Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Object Injection.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through <= 5.6.0.
CVE-2026-31921 2 Devteam Haywoodtech, Wordpress 2 Product Rearrange For Woocommerce, Wordpress 2026-03-26 N/A
Missing Authorization vulnerability in Devteam HaywoodTech Product Rearrange for WooCommerce products-rearrange-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Rearrange for WooCommerce: from n/a through <= 1.2.2.
CVE-2026-32441 2 Webtoffee, Wordpress 2 Wordpress Comments Import And Export, Wordpress 2026-03-26 N/A
Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comments Import & Export: from n/a through <= 2.4.9.
CVE-2026-32482 2 Deothemes, Wordpress 2 Ona, Wordpress 2026-03-26 N/A
Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload a Web Shell to a Web Server.This issue affects Ona: from n/a through < 1.24.
CVE-2026-32483 2 Codepeople, Wordpress 2 Contact Form Email, Wordpress 2026-03-26 N/A
Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through <= 1.3.63.
CVE-2026-32484 2 Boldgrid, Wordpress 2 Weforms, Wordpress 2026-03-26 N/A
Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through <= 1.6.26.
CVE-2026-32485 2 Wedevs, Wordpress 2 Wp User Frontend, Wordpress 2026-03-26 N/A
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through <= 4.2.8.
CVE-2026-32488 2 Wordpress, Wpeverest 2 Wordpress, User Registration 2026-03-26 N/A
Incorrect Privilege Assignment vulnerability in wpeverest User Registration user-registration allows Privilege Escalation.This issue affects User Registration: from n/a through <= 4.4.9.
CVE-2026-32489 2 Bplugins, Wordpress 2 B Blocks, Wordpress 2026-03-26 N/A
Missing Authorization vulnerability in bPlugins B Blocks b-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects B Blocks: from n/a through < 2.0.30.