Cpanel\ CVEs and Security Vulnerabilities

Search

Expected end of text, found ':' (at char 25), (line:1, col:26)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341935 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-68028	2 Passionate Brains, Wordpress	2 Ga4wp: Google Analytics For Wordpress, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from n/a through <= 2.10.0.
CVE-2025-68027	2 Themefic, Wordpress	2 Hydra Booking, Wordpress	2026-04-01	7.3 High
Incorrect Privilege Assignment vulnerability in Themefic Hydra Booking hydra-booking allows Privilege Escalation.This issue affects Hydra Booking: from n/a through <= 1.1.32.
CVE-2025-68026	2 Niaj Morshed, Wordpress	2 Lc Wizard, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LC Wizard: from n/a through <= 2.1.1.
CVE-2025-68025	2 Addonify, Wordpress	2 Addonify Floating Cart For Woocommerce, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Addonify Addonify Floating Cart For WooCommerce addonify-floating-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify Floating Cart For WooCommerce: from n/a through <= 1.2.17.
CVE-2025-68024	2 Addonify, Wordpress	2 Addonify – Woocommerce Wishlist, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Addonify Addonify – WooCommerce Wishlist addonify-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify – WooCommerce Wishlist: from n/a through <= 2.0.15.
CVE-2025-68023	2 Addonify, Wordpress	2 Addonify – Compare Products For Woocommerce, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Addonify Addonify – Compare Products For WooCommerce addonify-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify – Compare Products For WooCommerce: from n/a through <= 1.1.17.
CVE-2025-68022	2 Soporteblue, Wordpress	2 Plugin Bluex For Woocommerce, Wordpress	2026-04-01	6.3 Medium
Missing Authorization vulnerability in soporteblue Plugin BlueX for WooCommerce bluex-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Plugin BlueX for WooCommerce: from n/a through <= 3.1.6.
CVE-2025-68019	2 Cleverplugins, Wordpress	2 Seo Booster, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in cleverplugins SEO Booster seo-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEO Booster: from n/a through <= 6.1.8.
CVE-2025-68017	2 Antideo, Wordpress	2 Email Validator, Wordpress	2026-04-01	7.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Antideo Antideo Email Validator antideo-email-validator allows Blind SQL Injection.This issue affects Antideo Email Validator: from n/a through <= 1.0.10.
CVE-2025-68016	3 Onepay Sri Lanka, Woocommerce, Wordpress	3 Onepay Payment Gateway For Woocommerce, Woocommerce, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Onepay Sri Lanka onepay Payment Gateway For WooCommerce onepay-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onepay Payment Gateway For WooCommerce: from n/a through <= 1.1.2.
CVE-2025-68013	3 Cardpaysolutions, Woocommerce, Wordpress	3 Payment Gateway Authorize.net Cim For Woocommerce, Woocommerce, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in cardpaysolutions Payment Gateway Authorize.Net CIM for WooCommerce authnet-cim-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Authorize.Net CIM for WooCommerce: from n/a through <= 2.1.2.
CVE-2025-68012	1 Wordpress	1 Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dmytro Shteflyuk CodeColorer codecolorer allows Stored XSS.This issue affects CodeColorer: from n/a through <= 0.10.1.
CVE-2025-68011	3 Gls, Woocommerce, Wordpress	3 Shipping For Woocommerce, Woocommerce, Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GLS GLS Shipping for WooCommerce gls-shipping-for-woocommerce allows Reflected XSS.This issue affects GLS Shipping for WooCommerce: from n/a through <= 1.4.0.
CVE-2025-68010	2 Netgsm, Wordpress	2 Netgsm, Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in netgsm Netgsm netgsm allows Reflected XSS.This issue affects Netgsm: from n/a through <= 2.9.63.
CVE-2025-68009	1 Wordpress	1 Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Codeless Slider Templates slider-templates allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Slider Templates: from n/a through <= 1.0.3.
CVE-2025-68008	2 Mndpsingh287, Wordpress	2 Wp Mail, Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mndpsingh287 WP Mail wp-mail allows Reflected XSS.This issue affects WP Mail: from n/a through <= 1.3.
CVE-2025-68007	2 Eventespresso, Wordpress	2 Event Espresso 4 Decaf, Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Espresso 4 Decaf: from n/a through <= 5.0.37.decaf.
CVE-2025-68006	1 Wordpress	1 Wordpress	2026-04-01	6.5 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in Deetronix Booking Ultra Pro booking-ultra-pro allows Retrieve Embedded Sensitive Data.This issue affects Booking Ultra Pro: from n/a through <= 1.1.23.
CVE-2025-68004	1 Wordpress	1 Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kapil Chugh My Post Order my-posts-order allows Reflected XSS.This issue affects My Post Order: from n/a through <= 1.2.1.1.
CVE-2025-68003	1 Wordpress	1 Wordpress	2026-04-01	6.5 Medium
Missing Authorization vulnerability in renatoatshown Shown Connector shown-connector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shown Connector: from n/a through <= 1.2.10.

« first previous Page 484 of 17097. next last »