CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11434 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-68000	2 Pickplugins, Wordpress	2 Testimonial Slider, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through <= 2.0.15.
CVE-2025-68021	2 Conveythis, Wordpress	2 Conveythis, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through <= 269.9.
CVE-2026-39606	2 Foysal Imran, Wordpress	2 Bizreview, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through <= 1.5.13.
CVE-2026-39608	2 Ipospays, Wordpress	2 Ipospays Gateways Wc, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in iPOSPays iPOSpays Gateways WC ipospays-gateways-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iPOSpays Gateways WC: from n/a through <= 1.3.7.
CVE-2026-39622	2 Acmethemes, Wordpress	2 Education Base, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in acmethemes Education Base education-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Base: from n/a through <= 3.0.8.
CVE-2026-39607	2 Wordpress, Wpbens	2 Wordpress, Filter Plus	2026-04-24	5.4 Medium
Missing Authorization vulnerability in Wpbens Filter Plus filter-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter Plus: from n/a through <= 1.1.17.
CVE-2026-39610	2 Pankaj Kumar, Wordpress	2 Wpxmas-snow, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Pankaj Kumar WpXmas-Snow wpxmas-snow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpXmas-Snow: from n/a through <= 1.1.
CVE-2026-39637	2 Spabrice, Wordpress	2 Mogi, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in SpabRice Mogi mogi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mogi: from n/a through <= 1.2.3.
CVE-2026-39643	2 Payment Plugins, Wordpress	2 Payment Plugins For Paypal Woocommerce, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Payment Plugins Payment Plugins for PayPal WooCommerce pymntpl-paypal-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Plugins for PayPal WooCommerce: from n/a through <= 2.0.13.
CVE-2026-39649	2 Themebeez, Wordpress	2 Royale News, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in themebeez Royale News royale-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royale News: from n/a through <= 2.2.4.
CVE-2026-39656	2 Razorpay, Wordpress	2 Razorpay For Woocommerce, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through <= 4.8.2.
CVE-2026-39669	2 Nitropack, Wordpress	2 Nitropack, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in NitroPack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NitroPack: from n/a through 1.19.3.
CVE-2026-39668	2 G5theme, Wordpress	2 Book Previewer For Woocommerce, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through <= 1.0.6.
CVE-2026-39663	2 Themetechmount, Wordpress	2 Truebooker, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.5.
CVE-2026-39673	2 Shrikantkale, Wordpress	2 Izooto, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in shrikantkale iZooto izooto-web-push allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iZooto: from n/a through <= 3.7.20.
CVE-2026-39699	2 Massiveshift, Wordpress	2 Ai Workflow Automation, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in massiveshift AI Workflow Automation ai-workflow-automation-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Workflow Automation: from n/a through <= 1.4.2.
CVE-2026-39690	2 Bearne, Wordpress	2 Author Avatars List/block, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Paul Bearne Author Avatars List/Block author-avatars allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Author Avatars List/Block: from n/a through <= 2.1.25.
CVE-2026-39707	2 Wordpress, Zealousweb	2 Wordpress, Accept Paypal Payments Using Contact Form 7	2026-04-24	5.3 Medium
Missing Authorization vulnerability in ZealousWeb Accept PayPal Payments using Contact Form 7 contact-form-7-paypal-extension allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accept PayPal Payments using Contact Form 7: from n/a through <= 4.0.4.
CVE-2026-39685	2 Lvaudore, Wordpress	2 The Moneytizer, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in lvaudore The Moneytizer the-moneytizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Moneytizer: from n/a through <= 10.0.10.
CVE-2026-39691	2 Adastracrypto, Wordpress	2 Cryptocurrency Donation Box – Bitcoin & Crypto Donations, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in AdAstraCrypto Cryptocurrency Donation Box – Bitcoin & Crypto Donations cryptocurrency-donation-box allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Donation Box – Bitcoin & Crypto Donations: from n/a through <= 2.2.13.

« first previous Page 108 of 572. next last »