Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (343487 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-39495 2 Nsquared, Wordpress 2 Simply Schedule Appointments, Wordpress 2026-04-08 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through <= 1.6.9.27.
CVE-2026-39613 2 Kutethemes, Wordpress 2 Boutique, Wordpress 2026-04-08 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through <= 2.3.3.
CVE-2026-39496 2026-04-08 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YayMail yaymail allows Blind SQL Injection.This issue affects YayMail: from n/a through <= 4.3.3.
CVE-2026-39614 2 Ilghera, Wordpress 2 Jw Player For Wordpress, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in ilGhera JW Player for WordPress jw-player-7-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JW Player for WordPress: from n/a through <= 2.3.6.
CVE-2026-39497 2026-04-08 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through <= 1.4.5.
CVE-2026-39501 2026-04-08 N/A
Missing Authorization vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FOX: from n/a through <= 1.4.5.
CVE-2026-39618 2 Themearile, Wordpress 2 Newsexo, Wordpress 2026-04-08 N/A
Cross-Site Request Forgery (CSRF) vulnerability in themearile NewsExo newsexo allows Cross Site Request Forgery.This issue affects NewsExo: from n/a through <= 7.1.
CVE-2026-39622 2 Acmethemes, Wordpress 2 Education Base, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in acmethemes Education Base education-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Base: from n/a through <= 3.0.8.
CVE-2026-39520 2 Wedevs, Wordpress 2 Wedocs, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weDocs: from n/a through <= 2.1.18.
CVE-2026-39623 2 Kutethemes, Wordpress 2 Biolife, Wordpress 2026-04-08 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes Biolife biolife allows PHP Local File Inclusion.This issue affects Biolife: from n/a through <= 3.2.3.
CVE-2026-39624 2 Kutethemes, Wordpress 2 Biolife, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in kutethemes Biolife biolife allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Biolife: from n/a through <= 3.2.3.
CVE-2026-39561 2 Wordpress, Wp Chill 2 Wordpress, Revive.so 2026-04-08 N/A
Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive.so: from n/a through <= 2.0.7.
CVE-2026-39625 2 Kutethemes, Wordpress 2 Techone, Wordpress 2026-04-08 N/A
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through <= 3.0.3.
CVE-2026-39626 2 Kutethemes, Wordpress 2 Armania, Wordpress 2026-04-08 N/A
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Armania armania allows Code Injection.This issue affects Armania: from n/a through <= 1.4.8.
CVE-2026-39572 2026-04-08 N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Retrieve Embedded Sensitive Data.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through < 5.6.5.
CVE-2026-39630 2 Getty Images, Wordpress 2 Getty Images, Wordpress 2026-04-08 N/A
Server-Side Request Forgery (SSRF) vulnerability in Getty Images Getty Images getty-images allows Server Side Request Forgery.This issue affects Getty Images: from n/a through <= 4.1.0.
CVE-2026-39650 2 Unitech Web, Wordpress 2 Unitechpay, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in Unitech Web UnitechPay unitechpay-paiements-mobile-money allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UnitechPay: from n/a through <= 1.0.2.
CVE-2026-39652 2 Igms, Wordpress 2 Igms Direct Booking, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in igms iGMS Direct Booking igms-direct-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iGMS Direct Booking: from n/a through <= 1.3.
CVE-2026-39653 2026-04-08 N/A
Missing Authorization vulnerability in Deepen Bajracharya Video Conferencing with Zoom video-conferencing-with-zoom-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Conferencing with Zoom: from n/a through <= 4.6.6.
CVE-2026-39656 2 Razorpay, Wordpress 2 Razorpay For Woocommerce, Wordpress 2026-04-08 N/A
Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through <= 4.8.2.