CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7644 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-41952	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in Contact Form - WPManageNinja LLC FluentForm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through 5.0.8.
CVE-2023-49758	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Veribo, Roland Murg WP Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Booking System: from n/a through 2.0.19.2.
CVE-2024-35683	2 Teplitsa Of Social Technologies, Wordpress	2 Leyka, Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in Teplitsa of social technologies Leyka.This issue affects Leyka: from n/a through 3.31.1.
CVE-2025-26956	1 Wordpress	1 Wordpress	2025-07-12	7.6 High
Missing Authorization vulnerability in Shinetheme Traveler.This issue affects Traveler: from n/a through 3.1.8.
CVE-2025-49246	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in cmoreira Testimonials Showcase allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Testimonials Showcase: from n/a through 1.9.16.
CVE-2025-39536	1 Wordpress	1 Wordpress	2025-07-12	8.2 High
Missing Authorization vulnerability in Chimpstudio JobHunt Job Alerts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobHunt Job Alerts: from n/a through 3.6.
CVE-2024-37483	2 Post Grid Team By Radiustheme, Wordpress	2 The Post Grid, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Post Grid Team by RadiusTheme The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Post Grid: from n/a through 7.7.4.
CVE-2025-22561	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Title Experiments Free: from n/a through 9.0.4.
CVE-2023-44149	1 Berocket	1 Brands For Woocommerce	2025-07-12	5.3 Medium
Missing Authorization vulnerability in BeRocket Brands for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brands for WooCommerce: from n/a through 3.8.2.2.
CVE-2022-45811	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in WeyHan Ng Post Teaser.This issue affects Post Teaser: from n/a through 4.1.5.
CVE-2024-32814	2 Wordpress, Zorem	2 Wordpress, Advanced Local Pickup For Woocommerce	2025-07-12	5.3 Medium
Missing Authorization vulnerability in Zorem Advanced Local Pickup for WooCommerce.This issue affects Advanced Local Pickup for WooCommerce: from n/a through 1.6.1.
CVE-2024-56270	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in SecureSubmit WP SecureSubmit.This issue affects WP SecureSubmit: from n/a through 1.5.16.
CVE-2023-32129	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Sparkle WP Editorialmag editorialmag.This issue affects Editorialmag: from n/a through 1.1.9.
CVE-2025-23527	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in Hemnath Mouli WC Wallet allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WC Wallet: from n/a through 2.2.0.
CVE-2025-22560	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in Saoshyant.1994 Saoshyant Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Saoshyant Page Builder: from n/a through 3.8.
CVE-2022-47601	2 Joomunited, Wordpress	2 Wp Table Manager, Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in JoomUnited WP Table Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Table Manager: from n/a through 3.5.2.
CVE-2025-3609	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'reales_user_signup_form' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for unauthenticated attackers to create new user accounts, which can be leveraged with CVE-XX to achieve privilege escalation.
CVE-2023-32574	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Fahad Mahmood Injection Guard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Injection Guard: from n/a through 1.2.1.
CVE-2024-7096	1 Wso2	7 Api Manager, Enterprise Mobility Manager, Identity Server and 4 more	2025-07-12	4.2 Medium
A privilege escalation vulnerability exists in multiple [Vendor Name] products due to a business logic flaw in SOAP admin services. A malicious actor can create a new user with elevated permissions only when all of the following conditions are met: * SOAP admin services are accessible to the attacker. * The deployment includes an internally used attribute that is not part of the default WSO2 product configuration. * At least one custom role exists with non-default permissions. * The attacker has knowledge of the custom role and the internal attribute used in the deployment. Exploiting this vulnerability allows malicious actors to assign higher privileges to self-registered users, bypassing intended access control mechanisms.
CVE-2025-32178	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals: from n/a through 2.18.0.

« first previous Page 40 of 383. next last »