CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (8240 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-28995	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in viralloops Viral Loops WP Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Viral Loops WP Integration: from n/a through 3.8.1.
CVE-2024-32717	1 Wpdeveloper	1 Schedulepress	2025-07-12	6.5 Medium
Missing Authorization vulnerability in WPDeveloper SchedulePress.This issue affects SchedulePress: from n/a through 5.0.8.
CVE-2025-39398	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Themovation Hotel + Bed and Breakfast Booking Calendar Theme \| Bellevue.This issue affects Hotel + Bed and Breakfast Booking Calendar Theme \| Bellevue: from n/a through 4.2.2.
CVE-2025-49248	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in cmoreira Team Showcase allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Team Showcase: from n/a through n/a.
CVE-2023-49754	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Yogesh Pawar, Clarion Technologies Bulk Edit Post Titles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Edit Post Titles: from n/a through 5.0.0.
CVE-2023-49858	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Austin Passy Custom Login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login: from n/a through 4.1.0.
CVE-2024-32813	1 Softlab	1 Integrate Google Drive	2025-07-12	5.3 Medium
Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.9.
CVE-2023-32094	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Felix Welberg Extended Post Status allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extended Post Status: from n/a through 1.0.19.
CVE-2024-38740	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in Packlink Shipping S.L. Packlink PRO shipping module allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Packlink PRO shipping module: from n/a through 3.4.6.
CVE-2025-31540	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in acmemediakits ACME Divi Modules allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ACME Divi Modules: from n/a through 1.3.5.
CVE-2023-36694	1 Wordpress	1 Wordpress	2025-07-12	6.3 Medium
Missing Authorization vulnerability in Bryan Lee Kingkong Board.This issue affects Kingkong Board: from n/a through 2.1.0.2.
CVE-2024-56243	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in JS Morisset WPSSO Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSSO Core: from n/a through 18.18.1.
CVE-2025-48262	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Michael Revellin-Clerc Url Rewrite Analyzer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Url Rewrite Analyzer: from n/a through 1.3.3.
CVE-2023-27449	1 Wordpress	1 Wordpress	2025-07-12	6.3 Medium
Missing Authorization vulnerability in TotalSuite Total Poll Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through 4.8.6.
CVE-2024-54402	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Jozoor Arabic Webfonts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Arabic Webfonts: from n/a through 1.4.6.
CVE-2024-10533	2 Ninjateam, Wordpress	2 Wp Chat App, Wordpress	2025-07-12	4.3 Medium
The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the ajax_install_plugin() function in all versions up to, and including, 3.6.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install the filebird plugin.
CVE-2024-56211	1 Wordpress	1 Wordpress	2025-07-12	8.8 High
Missing Authorization vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a through 5.1.9.
CVE-2024-10092	2 Wordpress, Wpchill	2 Wordpress, Download Monitor	2025-07-12	4.3 Medium
The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_handle_api_key_actions function in all versions up to, and including, 5.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to revoke existing API keys and generate new ones.
CVE-2024-32148	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Salesforce Pardot.This issue affects Pardot: from n/a through 2.1.0.
CVE-2023-26002	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals: from n/a through 2.19.5.

« first previous Page 89 of 412. next last »