Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (319426 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-6327 2 Kingaddons, Wordpress 2 King Addons For Elementor, Wordpress 2025-11-13 10 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in KingAddons.com King Addons for Elementor king-addons allows Upload a Web Shell to a Web Server.This issue affects King Addons for Elementor: from n/a through <= 51.1.36.
CVE-2025-6325 2 Kingaddons, Wordpress 2 King Addons For Elementor, Wordpress 2025-11-13 9.8 Critical
Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king-addons allows Privilege Escalation.This issue affects King Addons for Elementor: from n/a through <= 51.1.36.
CVE-2025-64368 1 Wordpress 1 Wordpress 2025-11-13 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes Bard bardwp allows Cross Site Request Forgery.This issue affects Bard: from n/a through <= 1.6.
CVE-2025-64367 2 Groundhogg, Wordpress 2 Groundhogg, Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adrian Tobey Groundhogg groundhogg allows Stored XSS.This issue affects Groundhogg: from n/a through <= 4.2.6.
CVE-2025-64366 2 Stylemixthemes, Wordpress 2 Masterstudy Lms, Wordpress 2025-11-13 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Blind SQL Injection.This issue affects MasterStudy LMS: from n/a through <= 3.6.27.
CVE-2025-64365 1 Wordpress 1 Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in colabrio Ohio Extra ohio-extra allows DOM-Based XSS.This issue affects Ohio Extra: from n/a through <= 3.6.0.
CVE-2025-64364 2 Stylemixthemes, Wordpress 2 Masterstudy Lms, Wordpress 2025-11-13 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Masterstudy masterstudy allows PHP Local File Inclusion.This issue affects Masterstudy: from n/a through < 4.8.126.
CVE-2025-64363 1 Wordpress 1 Wordpress 2025-11-13 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SeventhQueen Kleo kleo allows PHP Local File Inclusion.This issue affects Kleo: from n/a through < 5.5.0.
CVE-2025-64362 1 Wordpress 1 Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SeventhQueen K Elements k-elements allows DOM-Based XSS.This issue affects K Elements: from n/a through < 5.5.0.
CVE-2025-64361 2 Stylemixthemes, Wordpress 2 Consulting Elementor Widgets, Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows DOM-Based XSS.This issue affects Consulting Elementor Widgets: from n/a through <= 1.4.2.
CVE-2025-64360 2 Stylemixthemes, Wordpress 2 Consulting Elementor Widgets, Wordpress 2025-11-13 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through <= 1.4.2.
CVE-2025-64359 2 Stylemixthemes, Wordpress 2 Consulting, Wordpress 2025-11-13 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Consulting consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through < 6.7.5.
CVE-2025-64358 3 Webtoffee, Woocommerce, Wordpress 3 Smart Coupons For Woocommerce, Woocommerce, Wordpress 2025-11-13 4.3 Medium
Missing Authorization vulnerability in WebToffee Smart Coupons for WooCommerce wt-smart-coupons-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Coupons for WooCommerce: from n/a through <= 2.2.3.
CVE-2025-64357 1 Wordpress 1 Wordpress 2025-11-13 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Younes JFR. Advanced Database Cleaner advanced-database-cleaner allows Cross Site Request Forgery.This issue affects Advanced Database Cleaner: from n/a through <= 3.1.6.
CVE-2025-64356 2 F1logic, Wordpress 2 Insert Php Code Snippet, Wordpress 2025-11-13 4.3 Medium
Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Insert PHP Code Snippet: from n/a through <= 1.4.3.
CVE-2025-64354 1 Wordpress 1 Wordpress 2025-11-13 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matias Ventura Gutenberg gutenberg allows Stored XSS.This issue affects Gutenberg: from n/a through <= 21.8.2.
CVE-2025-64353 1 Wordpress 1 Wordpress 2025-11-13 8.8 High
Deserialization of Untrusted Data vulnerability in Chouby Polylang polylang allows Object Injection.This issue affects Polylang: from n/a through <= 3.7.3.
CVE-2025-64352 2 Wordpress, Wpdeveloper 2 Wordpress, Essential Addons For Elementor 2025-11-13 2.7 Low
Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through <= 6.2.4.
CVE-2025-64351 2 Rank Math Seo, Wordpress 2 Rank Math Seo, Wordpress 2025-11-13 4.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Retrieve Embedded Sensitive Data.This issue affects Rank Math SEO: from n/a through <= 1.0.252.1.
CVE-2025-64350 2 Rank Math Seo, Wordpress 2 Rank Math Seo, Wordpress 2025-11-13 3.8 Low
Missing Authorization vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rank Math SEO: from n/a through <= 1.0.252.1.