Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (5468 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-36387 1 About-me Project 1 About-me 2025-02-20 7.6 High
Broken Access Control vulnerability in Alessio Caiazza's About Me plugin <= 1.0.12 at WordPress.
CVE-2022-37344 1 Accommodation-system Project 1 Accommodation-system 2025-02-20 7.6 High
Missing Access Control vulnerability in PHP Crafts Accommodation System plugin <= 1.0.1 at WordPress.
CVE-2022-36427 1 About-rentals Project 1 About-rentals 2025-02-20 7.3 High
Missing Access Control vulnerability in About Rentals. Inc. About Rentals plugin <= 1.5 at WordPress.
CVE-2022-38070 1 Mypopups 1 Pop-up 2025-02-20 5.4 Medium
Privilege Escalation (subscriber+) vulnerability in Pop-up plugin <= 1.1.5 at WordPress.
CVE-2022-38058 1 Wpvar 1 Wp Shamsi 2025-02-20 4.3 Medium
Authenticated (subscriber+) Plugin Setting change vulnerability in WP Shamsi plugin <= 4.1.1 at WordPress.
CVE-2022-36793 1 Wp-shop 1 Wp Shop 2025-02-20 6.5 Medium
Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities in WP Shop plugin <= 3.9.6 at WordPress.
CVE-2022-38067 1 Total-soft 1 Event Calendar 2025-02-20 6.5 Medium
Unauthenticated Event Deletion vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress.
CVE-2022-38135 1 Photospace Gallery Project 1 Photospace Gallery 2025-02-20 5.4 Medium
Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin <= 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings.
CVE-2022-35238 1 Brinidesigner 1 Awesome Filterable Portfolio 2025-02-20 6.5 Medium
Unauthenticated Plugin Settings Change vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress.
CVE-2022-38134 1 Cusrev 1 Customer Reviews For Woocommerce 2025-02-20 4.3 Medium
Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
CVE-2022-38104 1 Oxilab 1 Accordions 2025-02-20 7.2 High
Auth. WordPress Options Change (siteurl, users_can_register, default_role, admin_email and new_admin_email) vulnerability in Biplob Adhikari's Accordions – Multiple Accordions or FAQs Builder plugin (versions <= 2.0.3 on WordPress.
CVE-2022-41978 1 Zohocorp 1 Zoho Crm Lead Magnet 2025-02-20 8.8 High
Auth. (subscriber+) Arbitrary Options Update vulnerability in Zoho CRM Lead Magnet plugin <= 1.7.5.8 on WordPress.
CVE-2022-38461 1 Wpml 1 Wpml 2025-02-20 5.4 Medium
Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with a subscriber or higher user role to change plugin settings (selected language for legacy widgets, the default behavior for media content).
CVE-2022-45066 1 Thriveweb 1 Wooswipe Woocommerce Gallery 2025-02-20 5.4 Medium
Auth. (subscriber+) Broken Access Control vulnerability in WooSwipe WooCommerce Gallery plugin <= 2.0.1 on WordPress.
CVE-2022-45069 1 Automattic 1 Crowdsignal Dashboard 2025-02-20 6.3 Medium
Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress.
CVE-2022-38974 1 Wpml 1 Wpml 2025-02-20 4.3 Medium
Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with subscriber or higher user roles to change the status of the translation jobs.
CVE-2022-41781 1 Permalink Manager Lite Project 1 Permalink Manager Lite 2025-02-20 6.5 Medium
Broken Access Control vulnerability in Permalink Manager Lite plugin <= 2.2.20 on WordPress.
CVE-2022-42461 1 Miniorange 1 Google Authenticator 2025-02-20 5.4 Medium
Broken Access Control vulnerability in miniOrange's Google Authenticator plugin <= 5.6.1 on WordPress.
CVE-2022-41839 1 Wpbrigade 1 Loginpress 2025-02-20 5.3 Medium
Broken Access Control vulnerability in WordPress LoginPress plugin <= 1.6.2 on WordPress leading to unauth. changing of Opt-In or Opt-Out tracking settings.
CVE-2022-45369 1 Richplugins 1 Plugin For Google Reviews 2025-02-20 4.3 Medium
Auth. (subscriber+) Broken Access Control vulnerability in Plugin for Google Reviews plugin <= 2.2.2 on WordPress.