CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (8211 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-46606	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in AtomChat AtomChat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through 1.1.4.
CVE-2024-11085	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on several AJAX actions in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to access logs, update plugin-related user settings and general plugin settings.
CVE-2023-40011	2 Stylemixthemes, Wordpress	2 Cost Calculator Builder, Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in StylemixThemes Cost Calculator Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost Calculator Builder: from n/a through 3.1.42.
CVE-2024-13947	1 Abb	3 Aspect Enterprise, Matrix Series, Nexus Series	2025-07-12	6 Medium
Device commissioning parameters in ASPECT may be modified by an external source if administrative credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3.*.
CVE-2024-49680	2 Rextheme, Wordpress	2 Wp Vr, Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Rextheme WP VR allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP VR: from n/a through 8.5.5.
CVE-2025-31876	1 Wordpress	1 Wordpress	2025-07-12	5.8 Medium
Missing Authorization vulnerability in gunnarpayday Payday allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Payday: from n/a through 3.3.12.
CVE-2023-47187	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rotating Words: from n/a through 5.4.
CVE-2023-47179	2 Byconsole, Wordpress	2 Wooodt Lite, Wordpress	2025-07-12	8.8 High
Missing Authorization vulnerability in ByConsole WooODT Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooODT Lite: from n/a through 2.4.6.
CVE-2025-28938	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Bjoern WP Performance Pack allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Performance Pack: from n/a through 2.5.3.
CVE-2025-32279	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Shahjada Live Forms. This issue affects Live Forms: from n/a through 4.8.5.
CVE-2025-39580	1 Wordpress	1 Wordpress	2025-07-12	5.8 Medium
Missing Authorization vulnerability in jidaikobo Dashi allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dashi: from n/a through 3.1.8.
CVE-2024-54378	1 Wordpress	1 Wordpress	2025-07-12	8.8 High
Missing Authorization vulnerability in Quietly Quietly Insights allows Privilege Escalation.This issue affects Quietly Insights: from n/a through 1.2.2.
CVE-2025-32213	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in flothemesplugins Flo Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Flo Forms: from n/a through 1.0.43.
CVE-2024-34442	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in weDevs weDocs.This issue affects weDocs: from n/a through 2.1.4.
CVE-2024-32777	1 Wordpress	1 Wordpress	2025-07-12	7.5 High
Missing Authorization vulnerability in BizSwoop a CPF Concepts, LLC Brand BizPrint.This issue affects BizPrint: from n/a through 4.3.39.
CVE-2025-24754	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Houzez.co Houzez. This issue affects Houzez: from n/a through 3.4.0.
CVE-2024-32688	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0.
CVE-2024-32509	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76.
CVE-2025-30809	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Shahjada Live Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Live Forms: from n/a through 4.8.4.
CVE-2024-13716	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
The Forex Calculators plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_settings_callback() function in all versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugin's settings.

« first previous Page 77 of 411. next last »