Search

Expected end of text, found ':' (at char 23), (line:1, col:24)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (338340 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-32443 2 Josh Kohlbach, Wordpress 2 Product Feed Pro For Woocommerce, Wordpress 2026-03-16 6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Josh Kohlbach Product Feed PRO for WooCommerce woo-product-feed-pro allows Cross Site Request Forgery.This issue affects Product Feed PRO for WooCommerce: from n/a through <= 13.5.2.
CVE-2026-3999 1 Pointsharp 1 Id Server 2026-03-16 N/A
A broken access control may allow an authenticated user to perform a horizontal privilege escalation. The vulnerability only impacts specific configurations.
CVE-2026-32746 1 Gnu 1 Inetutils 2026-03-16 9.8 Critical
telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.
CVE-2026-32386 2 Envothemes, Wordpress 2 Envo Extra, Wordpress 2026-03-16 5.4 Medium
Missing Authorization vulnerability in EnvoThemes Envo Extra envo-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Extra: from n/a through <= 1.9.13.
CVE-2026-32397 2 Wordpress, Ymc-22 2 Wordpress, Filter & Grids 2026-03-16 5.3 Medium
Missing Authorization vulnerability in YMC Filter & Grids ymc-smart-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter & Grids: from n/a through <= 3.5.1.
CVE-2026-32400 2 Themetechmount, Wordpress 2 Boldman, Wordpress 2026-03-16 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemetechMount Boldman boldman allows PHP Local File Inclusion.This issue affects Boldman: from n/a through <= 7.7.
CVE-2026-32404 2 Studio99, Wordpress 2 Studio99 Wp Monitor, Wordpress 2026-03-16 5.3 Medium
Missing Authorization vulnerability in Studio99 Studio99 WP Monitor studio99-wp-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Studio99 WP Monitor: from n/a through <= 1.0.3.
CVE-2026-32451 2 Themefusion, Wordpress 2 Fusion Builder, Wordpress 2026-03-16 6.3 Medium
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-32486 2 Wordpress, Wptravelengine 2 Wordpress, Travel Booking 2026-03-16 5.3 Medium
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through <= 1.3.9.
CVE-2026-32336 2 Rarathemes, Wordpress 2 Rara Business, Wordpress 2026-03-16 5.3 Medium
Missing Authorization vulnerability in raratheme Rara Business rara-business allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rara Business: from n/a through <= 1.3.0.
CVE-2026-32342 2 Ays-pro, Wordpress 2 Quiz Maker, Wordpress 2026-03-16 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.1.2.
CVE-2026-32348 2 Madrasthemes, Wordpress 2 Mas Videos, Wordpress 2026-03-16 5.3 Medium
Missing Authorization vulnerability in MadrasThemes MAS Videos masvideos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAS Videos: from n/a through <= 1.3.2.
CVE-2026-32355 2 Crocoblock, Wordpress 2 Jetengine, Wordpress 2026-03-16 8.8 High
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through < 3.8.4.1.
CVE-2026-32356 2 Robosoft, Wordpress 2 Robo Gallery, Wordpress 2026-03-16 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robosoft Robo Gallery robo-gallery allows DOM-Based XSS.This issue affects Robo Gallery: from n/a through <= 5.1.2.
CVE-2026-32372 2 Radiustheme, Wordpress 2 Shopbuilder – Elementor Woocommerce Builder Addons, Wordpress 2026-03-16 N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder allows Retrieve Embedded Sensitive Data.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through <= 3.2.4.
CVE-2026-32359 2 Bplugins, Wordpress 2 Icon List Block, Wordpress 2026-03-16 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Icon List Block icon-list-block allows Stored XSS.This issue affects Icon List Block: from n/a through <= 1.2.3.
CVE-2026-32378 2 Rarathemes, Wordpress 2 Book Landing Page, Wordpress 2026-03-16 5.3 Medium
Missing Authorization vulnerability in raratheme Book Landing Page book-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Landing Page: from n/a through <= 1.2.7.
CVE-2026-32402 2 Ays-pro, Wordpress 2 Image Slider, Wordpress 2026-03-16 5.3 Medium
Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through <= 2.7.1.
CVE-2026-32405 2 Wordpress, Xtemos 2 Wordpress, Woodmart 2026-03-16 N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos WoodMart woodmart allows Retrieve Embedded Sensitive Data.This issue affects WoodMart: from n/a through <= 8.3.9.
CVE-2026-32417 2 Wordpress, Wppochipp 2 Wordpress, Pochipp 2026-03-16 5.4 Medium
Missing Authorization vulnerability in wppochipp Pochipp pochipp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pochipp: from n/a through < 1.18.9.