Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (2674 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-39495 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in BoldThemes Avantage avantage allows Object Injection.This issue affects Avantage: from n/a through <= 2.4.9.
CVE-2025-39485 1 Themegoods 1 Grand Tour 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour grandtour allows Object Injection.This issue affects Grand Tour: from n/a through <= 5.6.
CVE-2025-39480 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in ThemeMakers Car Dealer cardealer allows Object Injection.This issue affects Car Dealer: from n/a through < 1.6.8.
CVE-2025-39358 1 Wordpress 1 Wordpress 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Object Injection.This issue affects WP Posts Carousel: from n/a through <= 1.3.12.
CVE-2025-39356 1 Wordpress 1 Wordpress 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in Chimpstudio Foodbakery Sticky Cart foodbakery-sticky-cart allows Object Injection.This issue affects Foodbakery Sticky Cart: from n/a through <= 3.2.
CVE-2025-39354 2 Themegoods, Wordpress 2 Grand Conference, Wordpress 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Conference grandconference allows Object Injection.This issue affects Grand Conference: from n/a through <= 5.3.
CVE-2025-39349 1 Potenzaglobalsolutions 1 Ciyashop 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop ciyashop allows Object Injection.This issue affects CiyaShop: from n/a through <= 4.18.0.
CVE-2025-39348 1 Themegoods 1 Grand Restaurant 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through <= 7.0.
CVE-2025-32928 1 Themegoods 1 Altair 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in ThemeGoods Altair altair allows Object Injection.This issue affects Altair: from n/a through <= 5.2.2.
CVE-2025-32927 1 Chimpgroup 1 Foodbakery 2026-04-01 9.8 Critical
Deserialization of Untrusted Data vulnerability in Chimpstudio FoodBakery wp-foodbakery allows Object Injection.This issue affects FoodBakery: from n/a through <= 3.3.
CVE-2025-32686 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in WPSpeedo Team Members wps-team allows Object Injection.This issue affects Team Members: from n/a through <= 3.4.4.
CVE-2025-32662 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through <= 2.2.0.
CVE-2025-32658 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in wpWax HelpGent helpgent allows Object Injection.This issue affects HelpGent: from n/a through <= 2.2.5.
CVE-2025-32647 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in PickPlugins Question Answer question-answer allows Object Injection.This issue affects Question Answer: from n/a through <= 1.2.73.
CVE-2025-32607 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in magepeopleteam WpBookingly service-booking-manager allows Object Injection.This issue affects WpBookingly: from n/a through <= 1.3.0.
CVE-2025-32572 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus kata-plus allows Object Injection.This issue affects Kata Plus: from n/a through <= 1.5.3.
CVE-2025-32571 1 Wordpress 1 Wordpress 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in TuriTop TuriTop Booking System turitop-booking-system allows Object Injection.This issue affects TuriTop Booking System: from n/a through <= 1.0.10.
CVE-2025-32569 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in RealMag777 TableOn posts-table-filterable allows Object Injection.This issue affects TableOn: from n/a through <= 1.0.4.3.
CVE-2025-32568 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in empik EmpikPlace for Woocommerce empik-for-woocommerce allows Object Injection.This issue affects EmpikPlace for Woocommerce: from n/a through <= 1.4.3.
CVE-2025-32293 1 Wordpress 1 Wordpress 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in designthemes Finance Consultant finance allows Object Injection.This issue affects Finance Consultant: from n/a through <= 2.8.