Search

Expected end of text, found '.' (at char 14), (line:1, col:15)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (361177 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-7850 2 Wordpress, Wp Magnific Popup 2 Wordpress, Wp Magnific Popup 2026-06-26 5.9 Medium
The WP Magnific Popup WordPress plugin through 1.0 does not properly escape user-controlled link URLs before injecting them into the DOM when displaying image load error messages, allowing authenticated attackers with Author-level access or above to perform Stored Cross-Site Scripting attacks against any visiting user.
CVE-2026-8383 2 Learnpress, Wordpress 2 Learnpress, Wordpress 2026-06-26 5.3 Medium
The LearnPress WordPress plugin before 4.3.7 does not gate the `edit` context on one of its REST endpoint behind the `edit_users` capability, allowing unauthenticated visitors to retrieve each returned user's roles, full capabilities map, extra capabilities, locale, and registration date via a crafted request
CVE-2026-10094 1 Dassault Systèmes 1 Solidworks Visualize 2026-06-26 9.8 Critical
A Path Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release 2024 through SOLIDWORKS Desktop Release 2026 could allow an attacker to write arbitrary files on the server.
CVE-2025-58952 2 Themerex, Wordpress 2 Neuronet, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Neuronet < 1.14.0 versions.
CVE-2025-58953 2 Themerex, Wordpress 2 Joly, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Joly <= 1.22.0 versions.
CVE-2025-58954 2 Themerex, Wordpress 2 Homeroofer, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in HomeRoofer <= 2.11.0 versions.
CVE-2025-69117 2 Themerex, Wordpress 2 Ingenioso, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Ingenioso <= 1.14.0 versions.
CVE-2025-69145 2 Themerex, Wordpress 2 Gat, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Gat <= 1.16 versions.
CVE-2025-69148 2 Themerex, Wordpress 2 Quirky, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Quirky <= 1.23 versions.
CVE-2025-69172 2 Themerex, Wordpress 2 Resurs, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Resurs <= 1.3 versions.
CVE-2025-69173 2 Themerex, Wordpress 2 Tipsy, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions.
CVE-2026-22325 2 Axiomthemes, Wordpress 2 Promo, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions.
CVE-2026-22326 2 Axiomthemes, Wordpress 2 Reprizo, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions.
CVE-2026-22330 2 Themeum, Wordpress 2 Right Way, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Right Way <= 4.0 versions.
CVE-2026-22331 2 Themerex, Wordpress 2 Autoparts, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions.
CVE-2026-22338 2 Themerex, Wordpress 2 Ecoblue, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions.
CVE-2026-25446 2 Wishlist Products, Wordpress 2 Wishlist Member X, Wordpress 2026-06-26 9.9 Critical
Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions.
CVE-2026-39558 2 Elated-themes, Wordpress 2 Malmö, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Malmö <= 2.2 versions.
CVE-2026-40731 1 Mikado-themes 2 Chapterone, Halstein 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in ChapterOne <= 1.7 versions.
CVE-2026-40735 2 Edge-themes, Wordpress 2 Reina, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in Reina <= 2.1 versions.