Search

Expected end of text, found ':' (at char 6), (line:1, col:7)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (334377 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-68022 2 Soporteblue, Wordpress 2 Plugin Bluex For Woocommerce, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in soporteblue Plugin BlueX for WooCommerce bluex-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Plugin BlueX for WooCommerce: from n/a through <= 3.1.6.
CVE-2025-68023 2 Addonify, Wordpress 2 Addonify – Compare Products For Woocommerce, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in Addonify Addonify &#8211; Compare Products For WooCommerce addonify-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify &#8211; Compare Products For WooCommerce: from n/a through <= 1.1.17.
CVE-2025-68024 2 Addonify, Wordpress 2 Addonify – Woocommerce Wishlist, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in Addonify Addonify – WooCommerce Wishlist addonify-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify – WooCommerce Wishlist: from n/a through <= 2.0.15.
CVE-2025-68025 2 Addonify, Wordpress 2 Addonify Floating Cart For Woocommerce, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in Addonify Addonify Floating Cart For WooCommerce addonify-floating-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify Floating Cart For WooCommerce: from n/a through <= 1.2.17.
CVE-2025-68026 2 Niaj Morshed, Wordpress 2 Lc Wizard, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LC Wizard: from n/a through <= 2.1.1.
CVE-2025-68028 2 Passionate Brains, Wordpress 2 Ga4wp: Google Analytics For Wordpress, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from n/a through <= 2.10.0.
CVE-2025-68031 2 Faraz Sms, Wordpress 2 افزونه پیامک حرفه ای فراز اس ام اس, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in faraz sms افزونه پیامک حرفه ای فراز اس ام اس farazsms allows Reflected XSS.This issue affects افزونه پیامک حرفه ای فراز اس ام اس: from n/a through <= 2.7.3.
CVE-2025-68032 2 Passionate Brains, Wordpress 2 Advanced Wc Analytics, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in Passionate Brains Advanced WC Analytics advance-wc-analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced WC Analytics: from n/a through <= 3.19.0.
CVE-2025-68037 2 Atlasgondal, Wordpress 2 Export Media Urls, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atlas Gondal Export Media URLs export-media-urls allows Reflected XSS.This issue affects Export Media URLs: from n/a through <= 2.2.
CVE-2025-68042 2 Travelpayouts, Wordpress 2 Travelpayouts, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in Travelpayouts Travelpayouts travelpayouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travelpayouts: from n/a through <= 1.2.1.
CVE-2025-68043 2 Lottiefiles, Wordpress 2 Lottiefiles, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in LottieFiles LottieFiles lottiefiles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LottieFiles: from n/a through <= 3.0.0.
CVE-2025-68048 2 Wordpress, Xlplugins 2 Wordpress, Nextmove 2026-02-23 N/A
Missing Authorization vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite: from n/a through <= 2.23.0.
CVE-2025-68050 2 Leadpages, Wordpress 2 Leadpages, Wordpress 2026-02-23 N/A
Missing Authorization vulnerability in Leadpages Leadpages leadpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadpages: from n/a through <= 1.1.3.
CVE-2026-25747 1 Apache 1 Camel 2026-02-23 N/A
Deserialization of Untrusted Data vulnerability in Apache Camel LevelDB component. The Camel-LevelDB DefaultLevelDBSerializer class deserializes data read from the LevelDB aggregation repository using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. An attacker who can write to the LevelDB database files used by a Camel application can inject a crafted serialized Java object that, when deserialized during normal aggregation repository operations, results in arbitrary code execution in the context of the application. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.5, from 4.15.0 before 4.18.0. Users are recommended to upgrade to version 4.18.0, which fixes the issue. For the 4.10.x LTS releases, users are recommended to upgrade to 4.10.9, while for 4.14.x LTS releases, users are recommended to upgrade to 4.14.5
CVE-2025-68051 2 Shiprocket, Wordpress 2 Shiprocket, Wordpress 2026-02-23 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Shiprocket Shiprocket shiprocket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shiprocket: from n/a through <= 2.0.8.
CVE-2025-68069 2 Wordpress, Wpwax 2 Wordpress, Directorist 2026-02-23 N/A
Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through <= 8.5.10.
CVE-2025-68495 2 Crocoblock, Wordpress 2 Jetengine, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through <= 3.8.0.
CVE-2025-68501 2 Mollie, Wordpress 2 Mollie Payments For Woocommerce, Wordpress 2026-02-23 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mollie Mollie Payments for WooCommerce mollie-payments-for-woocommerce allows Reflected XSS.This issue affects Mollie Payments for WooCommerce: from n/a through <= 8.1.1.
CVE-2025-68514 2 Cozmoslabs, Wordpress 2 Paid Member Subscriptions, Wordpress 2026-02-23 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Paid Member Subscriptions: from n/a through <= 2.16.8.
CVE-2025-68526 2 A Wp Life, Wordpress 2 Modal Popup Box, Wordpress 2026-02-23 N/A
Deserialization of Untrusted Data vulnerability in A WP Life Modal Popup Box modal-popup-box allows Object Injection.This issue affects Modal Popup Box: from n/a through <= 1.6.1.