CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10926 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-40728	2 Blockart, Wordpress	2 Magazine Blocks, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a through <= 1.8.3.
CVE-2026-40729	2 Bplugins, Wordpress	2 3d Viewer – Embed 3d Models, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D viewer – Embed 3D Models: from n/a through <= 1.8.5.
CVE-2026-39701	2 Andrew, Wordpress	2 Shopwp, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Andrew ShopWP wpshopify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShopWP: from n/a through <= 5.2.4.
CVE-2026-39704	2 Nfusionsolutions, Wordpress	2 Precious Metals Automated Product Pricing – Pro, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in nfusionsolutions Precious Metals Automated Product Pricing – Pro precious-metals-automated-product-pricing-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Precious Metals Automated Product Pricing – Pro: from n/a through <= 4.0.5.
CVE-2026-39713	2 Mailercloud, Wordpress	2 Mailercloud – Integrate Webforms And Synchronize Website Contacts, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in mailercloud Mailercloud – Integrate webforms and synchronize website contacts mailercloud-integrate-webforms-synchronize-contacts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mailercloud – Integrate webforms and synchronize website contacts: from n/a through <= 1.0.7.
CVE-2026-39689	2 Eshipper, Wordpress	2 Eshipper Commerce, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in eshipper eShipper Commerce eshipper-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eShipper Commerce: from n/a through <= 2.16.12.
CVE-2026-39697	2 Hbss Technologies, Wordpress	2 Maio – The New Ai Geo / Seo Tool, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in HBSS Technologies MAIO – The new AI GEO / SEO tool maio-the-new-ai-geo-seo-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAIO – The new AI GEO / SEO tool: from n/a through <= 6.2.8.
CVE-2026-39687	2 Rapid Car Check, Wordpress	2 Rapid Car Check Vehicle Data, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Rapid Car Check Rapid Car Check Vehicle Data free-vehicle-data-uk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rapid Car Check Vehicle Data: from n/a through <= 2.0.
CVE-2026-39658	2 Coding Panda, Wordpress	2 Panda Pods Repeater Field, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Coding Panda Panda Pods Repeater Field panda-pods-repeater-field allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Panda Pods Repeater Field: from n/a through <= 1.5.12.
CVE-2026-39675	2 Webmuehle, Wordpress	2 Court Reservation, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in webmuehle Court Reservation court-reservation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Court Reservation: from n/a through <= 1.10.11.
CVE-2026-39651	2 Totalsuite, Wordpress	2 Total Poll Lite, Wordpress	2026-04-29	6.5 Medium
Missing Authorization vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through <= 4.12.0.
CVE-2026-39639	2 Redpixelstudios, Wordpress	2 Rps Include Content, Wordpress	2026-04-29	6.5 Medium
Missing Authorization vulnerability in redpixelstudios RPS Include Content rps-include-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RPS Include Content: from n/a through <= 1.2.2.
CVE-2026-39631	2 Ronik@unlimitedwp, Wordpress	2 Wpschoolpress, Wordpress	2026-04-29	4.9 Medium
Missing Authorization vulnerability in Ronik@UnlimitedWP WPSchoolPress wpschoolpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through <= 2.2.35.
CVE-2026-39627	2 Wordpress, Wproyal	2 Wordpress, Ashe	2026-04-29	4.3 Medium
Missing Authorization vulnerability in wproyal Ashe ashe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe: from n/a through <= 2.266.
CVE-2026-39602	2 Rustaurius, Wordpress	2 Order Tracking, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through <= 3.4.3.
CVE-2026-39506	2 Jordy Meow, Wordpress	2 Ai-engine, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in Jordy Meow AI Engine (Pro) ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine (Pro): from n/a through < 3.4.2.
CVE-2026-39477	2 Brainstormforce, Wordpress	2 Cartflows, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in Brainstorm Force CartFlows cartflows allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CartFlows: from n/a through <= 2.2.3.
CVE-2026-39488	2 Surecart, Wordpress	2 Surecart, Wordpress	2026-04-29	6.5 Medium
Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through <= 4.0.2.
CVE-2026-32587	2 Saad Iqbal, Wordpress	2 Wp Easypay, Wordpress	2026-04-29	5.4 Medium
Missing Authorization vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP EasyPay: from n/a through <= 4.2.11.
CVE-2026-32586	2 Pluggabl, Wordpress	2 Booster For Woocommerce, Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through < 7.11.3.

« first previous Page 21 of 547. next last »