Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (5353 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-31736 1 Wordpress 1 Wordpress 2025-07-12 6.5 Medium
Missing Authorization vulnerability in richtexteditor Rich Text Editor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rich Text Editor: from n/a through 1.0.1.
CVE-2024-56070 1 Wordpress 1 Wordpress 2025-07-12 7.4 High
Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through 2.3.3.
CVE-2024-35174 2 Flothemes, Wordpress 2 Flo Forms, Wordpress 2025-07-12 5.3 Medium
Missing Authorization vulnerability in Flothemes Flo Forms.This issue affects Flo Forms: from n/a through 1.0.42.
CVE-2025-31834 1 Wordpress 1 Wordpress 2025-07-12 5.3 Medium
Missing Authorization vulnerability in themeglow JobBoard Job listing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobBoard Job listing: from n/a through 1.2.7.
CVE-2025-48337 1 Wordpress 1 Wordpress 2025-07-12 5.3 Medium
Missing Authorization vulnerability in QuickcabWP QuickCab.This issue affects QuickCab: from n/a through 1.3.3.
CVE-2023-32519 1 Webcodin 1 Wcp Contact Form 2025-07-12 4.3 Medium
Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0.
CVE-2024-28003 2 Megamenu, Wordpress 2 Max Mega Menu, Wordpress 2025-07-12 5.4 Medium
Missing Authorization vulnerability in Megamenu Max Mega Menu.This issue affects Max Mega Menu: from n/a through 3.3.
CVE-2025-32240 1 Wordpress 1 Wordpress 2025-07-12 6.5 Medium
Missing Authorization vulnerability in NotFound Site Notify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Site Notify: from n/a through 1.0.
CVE-2024-4410 1 Wordpress 1 Wordpress 2025-07-12 5.4 Medium
The IgnitionDeck Crowdfunding Platform plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.9.8. This is due to missing capability checks on various functions called via AJAX actions in the ~/classes/class-idf-wizard.php file. This makes it possible for authenticated attackers, with subscriber access or higher, to execute various AJAX actions. This includes actions to change the permalink structure, plugin settings and others.
CVE-2024-52485 1 Wordpress 1 Wordpress 2025-07-12 6.5 Medium
Missing Authorization vulnerability in Yudiz Solutions Ltd. WP Menu Image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Menu Image: from n/a through 2.2.
CVE-2025-23955 1 Wordpress 1 Wordpress 2025-07-12 4.3 Medium
Missing Authorization vulnerability in xola.com Xola allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xola: from n/a through 1.6.
CVE-2024-43268 2 Wordpress, Wpbackitup 2 Wordpress, Backup And Restore Wordpress 2025-07-12 5.4 Medium
Access Control vulnerability in WPBackItUp Backup and Restore WordPress allows . This issue affects Backup and Restore WordPress: from n/a through 1.50.
CVE-2025-32212 1 Wordpress 1 Wordpress 2025-07-12 6.5 Medium
Missing Authorization vulnerability in Specia Theme Specia Companion allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specia Companion: from n/a through 4.6.
CVE-2025-31541 1 Wordpress 1 Wordpress 2025-07-12 6.5 Medium
Missing Authorization vulnerability in turitop TuriTop Booking System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TuriTop Booking System: from n/a through 1.0.10.
CVE-2023-25959 2 Apollo13themes, Wordpress 2 Apollo13 Framework Extensions, Wordpress 2025-07-12 5.4 Medium
Missing Authorization vulnerability in Apollo13Themes Apollo13 Framework Extensions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Apollo13 Framework Extensions: from n/a through 1.8.10.
CVE-2025-24692 1 Wordpress 1 Wordpress 2025-07-12 7.1 High
Missing Authorization vulnerability in Michael Revellin-Clerc Bulk Menu Edit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bulk Menu Edit: from n/a through 1.3.
CVE-2023-28165 1 Wordpress 1 Wordpress 2025-07-12 4.3 Medium
Missing Authorization vulnerability in Tech Banker Backup Bank: WordPress Backup Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backup Bank: WordPress Backup Plugin: from n/a through 4.0.28.
CVE-2025-26942 1 Wordpress 1 Wordpress 2025-07-12 7.5 High
Missing Authorization vulnerability in NotFound JetTricks allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects JetTricks: from n/a through 1.5.1.
CVE-2025-32277 1 Wordpress 1 Wordpress 2025-07-12 4.3 Medium
Missing Authorization vulnerability in Ateeq Rafeeq RepairBuddy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RepairBuddy: from n/a through 3.8211.
CVE-2025-24682 1 Wordpress 1 Wordpress 2025-07-12 4.3 Medium
Missing Authorization vulnerability in mikemmx Super Block Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Super Block Slider: from n/a through 2.7.9.