Export limit exceeded: 362534 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 13639 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (13639 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-22501 2 Axiomthemes, Wordpress 2 Mounthood, Wordpress 2026-04-22 9.8 Critical
Deserialization of Untrusted Data vulnerability in axiomthemes Mounthood mounthood allows Object Injection.This issue affects Mounthood: from n/a through <= 1.3.2.
CVE-2026-27983 2 Designthemes, Wordpress 2 Lms Elementor Pro, Wordpress 2026-04-22 9.8 Critical
Incorrect Privilege Assignment vulnerability in designthemes LMS Elementor Pro lms-elementor-pro allows Privilege Escalation.This issue affects LMS Elementor Pro: from n/a through <= 1.0.4.
CVE-2026-27390 2 Designthemes, Wordpress 2 Wedesigntech Ultimate Booking Addon, Wordpress 2026-04-22 8.8 High
Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through <= 1.0.1.
CVE-2026-22453 2 Themerex, Wordpress 2 Pets Club, Wordpress 2026-04-22 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Pets Club petclub allows Object Injection.This issue affects Pets Club: from n/a through <= 2.3.
CVE-2026-27984 2 Marketingfire, Wordpress 2 Widget-options, Wordpress 2026-04-22 9 Critical
Improper Control of Generation of Code ('Code Injection') vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through <= 4.1.3.
CVE-2026-28014 2 Themerex, Wordpress 2 Translogic, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Translogic translogic allows PHP Local File Inclusion.This issue affects Translogic: from n/a through <= 1.2.11.
CVE-2026-22419 2 Ancorathemes, Wordpress 2 Honor, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Honor honor allows PHP Local File Inclusion.This issue affects Honor: from n/a through <= 2.3.
CVE-2026-22412 2 Mikado-themes, Wordpress 2 Eona, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Eona eona allows PHP Local File Inclusion.This issue affects Eona: from n/a through <= 1.3.
CVE-2026-27359 2 Fox-themes, Wordpress 2 Awa Plugins, Wordpress 2026-04-22 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Awa Plugins awa-plugins allows Reflected XSS.This issue affects Awa Plugins: from n/a through <= 1.4.4.
CVE-2026-27986 2 Themerex, Wordpress 2 Ostende, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX OsTende ostende allows PHP Local File Inclusion.This issue affects OsTende: from n/a through <= 1.4.3.
CVE-2026-27989 2 Themerex, Wordpress 2 Quanzo, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Quanzo quanzo allows PHP Local File Inclusion.This issue affects Quanzo: from n/a through <= 1.0.10.
CVE-2026-27384 2 Boldgrid, Wordpress 2 W3 Total Cache, Wordpress 2026-04-22 9 Critical
Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through <= 2.9.1.
CVE-2025-68515 2 Roland Murg, Wordpress 2 Wp Booking System, Wordpress 2026-04-22 5.8 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in Roland Murg WP Booking System wp-booking-system allows Retrieve Embedded Sensitive Data.This issue affects WP Booking System: from n/a through <= 2.0.19.12.
CVE-2025-69338 2 Don-themes, Wordpress 2 Riode, Wordpress 2026-04-22 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.This issue affects Riode Core: from n/a through <= 1.6.26.
CVE-2026-27335 2 Ancorathemes, Wordpress 2 Ekoterra - Nonprofit, Green Energy & Ecology Theme, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Ekoterra - NonProfit, Green Energy & Ecology Theme ekoterra allows PHP Local File Inclusion.This issue affects Ekoterra - NonProfit, Green Energy & Ecology Theme: from n/a through <= 1.0.0.
CVE-2026-27990 2 Themerex, Wordpress 2 Confix, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX ConFix confix allows PHP Local File Inclusion.This issue affects ConFix: from n/a through <= 1.013.
CVE-2026-27337 2 Ancorathemes, Wordpress 2 Chronicle - Lifestyle Magazine & Blog Wordpress Theme, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle allows PHP Local File Inclusion.This issue affects Chronicle - Lifestyle Magazine & Blog WordPress Theme: from n/a through <= 1.0.
CVE-2026-27339 2 Ancorathemes, Wordpress 2 Buzz Stone | Magazine & Viral Blog Wordpress Theme, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Buzz Stone | Magazine & Viral Blog WordPress Theme buzzstone allows PHP Local File Inclusion.This issue affects Buzz Stone | Magazine & Viral Blog WordPress Theme: from n/a through <= 1.0.2.
CVE-2026-27340 2 Ancorathemes, Wordpress 2 Apollo | Night Club, Dj Event Wordpress Theme, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Apollo | Night Club, DJ Event WordPress Theme apollo allows PHP Local File Inclusion.This issue affects Apollo | Night Club, DJ Event WordPress Theme: from n/a through <= 1.3.1.
CVE-2026-27383 2 Radiustheme, Wordpress 2 Metro, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Metro metro allows PHP Local File Inclusion.This issue affects Metro: from n/a through <= 2.13.