Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (2677 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-68038 2 Icegram, Wordpress 2 Icegram Express, Wordpress 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in Icegram Icegram Express Pro email-subscribers-premium allows Object Injection.This issue affects Icegram Express Pro: from n/a through < 5.9.14.
CVE-2025-67535 2 Weplugins, Wordpress 2 Wp Maps, Wordpress 2026-04-01 6.5 Medium
Deserialization of Untrusted Data vulnerability in Flipper Code - WordPress Development Company WP Maps wp-google-map-plugin allows Object Injection.This issue affects WP Maps: from n/a through <= 4.8.6.
CVE-2025-60238 1 Wordpress 1 Wordpress 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in universam UNIVERSAM universam-demo allows Object Injection.This issue affects UNIVERSAM: from n/a through <= 9.03.
CVE-2025-60216 1 Wordpress 1 Wordpress 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in BoldThemes Addison addison allows Object Injection.This issue affects Addison: from n/a through < 1.4.8.
CVE-2025-60214 1 Wordpress 1 Wordpress 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in BoldThemes Goldenblatt goldenblatt allows Object Injection.This issue affects Goldenblatt: from n/a through < 1.3.0.
CVE-2025-60084 3 Add-ons.org, Elementor, Wordpress 3 Pdf-for-elementor-forms, Elementor, Wordpress 2026-04-01 8.6 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through <= 6.5.0.
CVE-2025-60083 3 Add-ons.org, Woocommerce, Wordpress 3 Pdf Invoice Builder For Woocommerce, Woocommerce, Wordpress 2026-04-01 8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Object Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through <= 6.5.0.
CVE-2025-60082 2 Add-ons.org, Wordpress 2 Pdf For Wpforms, Wordpress 2026-04-01 8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Object Injection.This issue affects PDF for WPForms: from n/a through <= 6.5.0.
CVE-2025-60081 1 Wordpress 1 Wordpress 2026-04-01 8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Contact Form 7 pdf-for-contact-form-7 allows Object Injection.This issue affects PDF for Contact Form 7: from n/a through <= 6.5.0.
CVE-2025-60080 1 Wordpress 1 Wordpress 2026-04-01 7.5 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Gravity Forms + Drag And Drop Template Builder pdf-for-gravity-forms allows Object Injection.This issue affects PDF for Gravity Forms + Drag And Drop Template Builder: from n/a through <= 6.5.0.
CVE-2026-32355 2 Crocoblock, Wordpress 2 Jetengine, Wordpress 2026-04-01 8.8 High
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through < 3.8.4.1.
CVE-2026-28138 2 Stylemixthemes, Wordpress 2 Ulisting, Wordpress 2026-04-01 7.2 High
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through <= 2.2.0.
CVE-2026-28105 2 Themerex, Wordpress 2 Good Energy, Wordpress 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Good Energy goodenergy allows Object Injection.This issue affects Good Energy: from n/a through <= 1.7.7.
CVE-2026-28074 2 Themerex, Wordpress 2 Pizza House, Wordpress 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Pizza House pizzahouse allows Object Injection.This issue affects Pizza House: from n/a through <= 1.4.0.
CVE-2026-27439 2 Themerex, Wordpress 2 Dentario, Wordpress 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Dentario dentario allows Object Injection.This issue affects Dentario: from n/a through <= 1.5.
CVE-2026-27438 2 Themerex, Wordpress 2 Kingler, Wordpress 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Kingler kingler allows Object Injection.This issue affects Kingler: from n/a through <= 1.7.
CVE-2026-27437 2 Themerex, Wordpress 2 Tennis Club, Wordpress 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeREX Tennis Club tennis-sportclub allows Object Injection.This issue affects Tennis Club: from n/a through <= 1.2.3.
CVE-2026-27417 2 Seventhqueen, Wordpress 2 Sweet Date, Wordpress 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in SeventhQueen Sweet Date sweetdate allows Object Injection.This issue affects Sweet Date: from n/a through < 4.0.1.
CVE-2026-27379 2 Nextscripts, Wordpress 2 Nextscripts, Wordpress 2026-04-01 8.8 High
Deserialization of Untrusted Data vulnerability in NextScripts NextScripts social-networks-auto-poster-facebook-twitter-g allows Object Injection.This issue affects NextScripts: from n/a through <= 4.4.7.
CVE-2026-27369 2 Boldthemes, Wordpress 2 Celeste, Wordpress 2026-04-01 8.1 High
Deserialization of Untrusted Data vulnerability in BoldThemes Celeste celeste allows Object Injection.This issue affects Celeste: from n/a through <= 1.3.6.