Search

Expected end of text, found ':' (at char 6), (line:1, col:7)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346870 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-67524 3 Elementor, Nootheme, Wordpress 3 Elementor, Jobmonster, Wordpress 2026-04-23 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through <= 1.1.4.
CVE-2025-67523 1 Wordpress 1 Wordpress 2026-04-23 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in trippleS Exhibz exhibz allows PHP Local File Inclusion.This issue affects Exhibz: from n/a through <= 3.0.9.
CVE-2025-67522 2 Nootheme, Wordpress 2 Jobmonster, Wordpress 2026-04-23 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NooTheme Jobmonster noo-jobmonster allows PHP Local File Inclusion.This issue affects Jobmonster: from n/a through <= 4.8.2.
CVE-2025-67521 2 Select-themes, Wordpress 2 Select Core, Wordpress 2026-04-23 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Select Core select-core allows PHP Local File Inclusion.This issue affects Select Core: from n/a through < 2.6.
CVE-2025-67468 2 Crmperks, Wordpress 2 Integration For Salesforce And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms cf7-salesforce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms: from n/a through <= 1.4.6.
CVE-2025-66534 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Elated-Themes The Aisle theaisle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Aisle: from n/a through <= 2.9.
CVE-2025-66532 3 Mikado-themes, Qodeinteractive, Wordpress 3 Powerlift, Powerlift, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Mikado-Themes Powerlift powerlift allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Powerlift: from n/a through < 3.2.1.
CVE-2025-66531 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Cross Site Request Forgery.This issue affects Salon booking system: from n/a through <= 10.30.3.
CVE-2025-66530 2 Webba-booking, Wordpress 2 Webba Booking, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webba Booking: from n/a through <= 6.2.1.
CVE-2025-66529 2 Ays-pro, Wordpress 2 Chartify, Wordpress 2026-04-23 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify chart-builder allows Cross Site Request Forgery.This issue affects Chartify: from n/a through <= 3.6.3.
CVE-2025-66528 2 Villatheme, Wordpress 2 Thank You Page Customizer For Woocommerce, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce woo-thank-you-page-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thank You Page Customizer for WooCommerce: from n/a through <= 1.1.8.
CVE-2025-66527 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in VanKarWai Lobo lobo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lobo: from n/a through <= 2.8.6.
CVE-2025-66525 2 Elasticemail, Wordpress 2 Elastic Email Sender, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Elastic Email Elastic Email Sender elastic-email-sender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Sender: from n/a through <= 1.2.20.
CVE-2025-66160 2 Merkulove, Wordpress 2 Select Graphist For Elementor, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in merkulove Select Graphist for Elementor Graphist for Elementor graphist-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Select Graphist for Elementor Graphist for Elementor: from n/a through <= 1.2.10.
CVE-2025-66159 2 Merkulove, Wordpress 2 Walker For Elementor, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in merkulove Walker for Elementor walker-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Walker for Elementor: from n/a through <= 1.1.6.
CVE-2025-66158 2 Merkulove, Wordpress 2 Gmaper For Elementor, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in merkulove Gmaper for Elementor gmaper-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gmaper for Elementor: from n/a through <= 1.0.9.
CVE-2025-66157 2 Merkulove, Wordpress 2 Slider For Elementor, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in merkulove Sliper for Elementor sliper-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sliper for Elementor: from n/a through <= 1.0.10.
CVE-2025-66156 2 Merkulove, Wordpress 2 Watcher For Elementor, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in merkulove Watcher for Elementor watcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watcher for Elementor: from n/a through <= 1.0.9.
CVE-2025-66155 2 Merkulove, Wordpress 2 Questionar For Elementor, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in merkulove Questionar for Elementor questionar-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Questionar for Elementor: from n/a through <= 1.1.7.
CVE-2025-66154 2 Merkulove, Wordpress 2 Couponer For Elementor, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in merkulove Couponer for Elementor couponer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Couponer for Elementor: from n/a through <= 1.1.7.