Search

Expected end of text, found '.' (at char 17), (line:1, col:18)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (334126 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-25319 2 Wordpress, Wpzita 2 Wordpress, Zita Elementor Site Library 2026-02-20 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpzita Zita Elementor Site Library zita-site-library allows Cross Site Request Forgery.This issue affects Zita Elementor Site Library: from n/a through <= 1.6.6.
CVE-2026-25320 2 Cool Plugins, Wordpress 2 Elementor Contact Form Db, Wordpress 2026-02-20 5.3 Medium
Missing Authorization vulnerability in Cool Plugins Elementor Contact Form DB sb-elementor-contact-form-db allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Contact Form DB: from n/a through <= 2.1.3.
CVE-2026-25321 2 Psm Plugins, Wordpress 2 Supportcandy, Wordpress 2026-02-20 5.3 Medium
Missing Authorization vulnerability in PSM Plugins SupportCandy supportcandy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SupportCandy: from n/a through <= 3.4.4.
CVE-2026-25323 2 Mika, Wordpress 2 Osm, Wordpress 2026-02-20 N/A
Missing Authorization vulnerability in MiKa OSM osm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OSM: from n/a through <= 6.1.12.
CVE-2026-25325 2 Rtcamp, Wordpress 2 Rtmedia For Wordpress, Buddypress And Bbpress, Wordpress 2026-02-20 5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress buddypress-media allows Retrieve Embedded Sensitive Data.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a through <= 4.7.8.
CVE-2026-25329 2 Expresstech, Wordpress 2 Quiz And Survey Master, Wordpress 2026-02-20 N/A
Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.4.
CVE-2026-25331 2 Melapress, Wordpress 2 Wp Activity Log, Wordpress 2026-02-20 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through <= 5.5.4.
CVE-2026-25332 2 Fahad Mahmood, Wordpress 2 Endless Posts Navigation, Wordpress 2026-02-20 5.3 Medium
Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through <= 2.2.9.
CVE-2026-25333 2 Peregrinethemes, Wordpress 2 Shopwell, Wordpress 2026-02-20 5.3 Medium
Missing Authorization vulnerability in peregrinethemes Shopwell shopwell allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shopwell: from n/a through <= 1.0.11.
CVE-2026-25335 2 Ays-pro, Wordpress 2 Secure Copy Content Protection And Content Locking, Wordpress 2026-02-20 4.3 Medium
Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 5.0.0.
CVE-2026-25336 2 Wordpress, Wpcoachify 2 Wordpress, Coachify 2026-02-20 5.3 Medium
Missing Authorization vulnerability in wpcoachify Coachify coachify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coachify: from n/a through <= 1.1.5.
CVE-2026-25337 2 Wordpress, Wpcoachify 2 Wordpress, Coachify 2026-02-20 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpcoachify Coachify coachify allows Cross Site Request Forgery.This issue affects Coachify: from n/a through <= 1.1.5.
CVE-2026-25338 2 Ays Pro, Wordpress 2 Ai Chatbot With Chatgpt And Content Generator By Ays, Wordpress 2026-02-20 5.3 Medium
Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through <= 2.7.4.
CVE-2026-25348 2 Alttextai, Wordpress 2 Download Alt Text Ai, Wordpress 2026-02-20 5.3 Medium
Missing Authorization vulnerability in alttextai Download Alt Text AI alttext-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Alt Text AI: from n/a through <= 1.10.15.
CVE-2026-25363 2 Fooplugins, Wordpress 2 Foogallery, Wordpress 2026-02-20 N/A
Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through <= 3.1.11.
CVE-2026-25367 2 Nootheme, Wordpress 2 Citilights, Wordpress 2026-02-20 5.3 Medium
Missing Authorization vulnerability in NooTheme CitiLights noo-citilights allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CitiLights: from n/a through < 3.7.2.
CVE-2026-25368 2 Codepeople, Wordpress 2 Calculated Fields Form, Wordpress 2026-02-20 6.5 Medium
Missing Authorization vulnerability in codepeople Calculated Fields Form calculated-fields-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Calculated Fields Form: from n/a through <= 5.4.4.1.
CVE-2026-25370 2 Aresit, Wordpress 2 Wp Compress, Wordpress 2026-02-20 N/A
Missing Authorization vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress: from n/a through <= 6.60.28.
CVE-2026-25372 2 Kodezen, Wordpress 2 Academy Lms, Wordpress 2026-02-20 6.5 Medium
Missing Authorization vulnerability in Kodezen LLC Academy LMS academy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Academy LMS: from n/a through <= 3.5.3.
CVE-2026-25374 2 Rarathemes, Wordpress 2 Spa And Salon, Wordpress 2026-02-20 5.3 Medium
Missing Authorization vulnerability in raratheme Spa and Salon spa-and-salon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spa and Salon: from n/a through <= 1.3.2.