Search

Expected end of text, found '–' (at char 46), (line:1, col:47)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347349 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-32546 2 Stellarwp, Wordpress 2 Restrict Content, Wordpress 2026-04-29 7.5 High
Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through <= 3.2.22.
CVE-2026-32541 2 Premmerce, Wordpress 2 Premmerce Redirect Manager, Wordpress 2026-04-29 6.5 Medium
Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Redirect Manager: from n/a through <= 1.0.12.
CVE-2026-32567 2 Icopydoc, Wordpress 2 Yml For Yandex Market, Wordpress 2026-04-29 6.8 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in icopydoc YML for Yandex Market yml-for-yandex-market allows Path Traversal.This issue affects YML for Yandex Market: from n/a through < 5.3.0.
CVE-2026-32527 2 Crmperks, Wordpress 2 Wp Insightly For Contact Form 7, Wpforms, Elementor, Formidable And Ninja Forms, Wordpress 2026-04-29 6.5 Medium
Missing Authorization vulnerability in CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-insightly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through <= 1.1.5.
CVE-2026-32510 2 Edge-themes, Wordpress 2 Kamperen, Wordpress 2026-04-29 5.4 Medium
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects Kamperen: from n/a through < 1.3.
CVE-2026-32511 2 Mikado-themes, Wordpress 2 Stål, Wordpress 2026-04-29 5.4 Medium
Deserialization of Untrusted Data vulnerability in Mikado-Themes Stål stal allows Object Injection.This issue affects Stål: from n/a through < 1.7.
CVE-2026-32515 2 Kamleshyadav, Wordpress 2 Miraculous, Wordpress 2026-04-29 7.5 High
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.1.2.
CVE-2026-32507 2 Elated-themes, Wordpress 2 Leroux, Wordpress 2026-04-29 5.4 Medium
Deserialization of Untrusted Data vulnerability in Elated-Themes Leroux leroux allows Object Injection.This issue affects Leroux: from n/a through < 1.4.
CVE-2026-32508 2 Mikado-themes, Wordpress 2 Halstein, Wordpress 2026-04-29 5.4 Medium
Deserialization of Untrusted Data vulnerability in Mikado-Themes Halstein halstein allows Object Injection.This issue affects Halstein: from n/a through < 1.8.
CVE-2026-32514 2 Anton Voytenko, Wordpress 2 Petitioner, Wordpress 2026-04-29 6.5 Medium
Missing Authorization vulnerability in Anton Voytenko Petitioner petitioner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Petitioner: from n/a through <= 0.7.3.
CVE-2026-32506 2 Edge-themes, Wordpress 2 Archicon, Wordpress 2026-04-29 5.4 Medium
Deserialization of Untrusted Data vulnerability in Edge-Themes Archicon archicon allows Object Injection.This issue affects Archicon: from n/a through < 1.7.
CVE-2026-32483 2 Codepeople, Wordpress 2 Contact Form Email, Wordpress 2026-04-29 6.5 Medium
Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through <= 1.3.63.
CVE-2026-32509 2 Edge-themes, Wordpress 2 Gracey, Wordpress 2026-04-29 5.4 Medium
Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object Injection.This issue affects Gracey: from n/a through < 1.4.
CVE-2026-32501 2 Wordpress, Wp-configurator 2 Wordpress, Wp Configurator Pro 2026-04-29 7.1 High
Missing Authorization vulnerability in wp-configurator WP Configurator Pro wp-configurator-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Configurator Pro: from n/a through <= 3.7.9.
CVE-2026-32493 2 Eyecix, Wordpress 2 Jobsearch, Wordpress 2026-04-29 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through <= 3.2.0.
CVE-2026-32496 2 Nysl, Wordpress 2 Spam Protect For Contact Form 7, Wordpress 2026-04-29 6.8 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NYSL Spam Protect for Contact Form 7 wp-contact-form-7-spam-blocker allows Path Traversal.This issue affects Spam Protect for Contact Form 7: from n/a through <= 1.2.9.
CVE-2026-32459 2 Flycart, Wordpress 2 Upsellwp, Wordpress 2026-04-29 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects UpsellWP: from n/a through <= 2.2.4.
CVE-2026-32461 2 Really-simple-plugins, Wordpress 2 Really Simple Ssl, Wordpress 2026-04-29 4.3 Medium
Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through <= 9.5.7.
CVE-2026-32484 2 Boldgrid, Wordpress 2 Weforms, Wordpress 2026-04-29 8.8 High
Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through <= 1.6.26.
CVE-2026-32451 2 Themefusion, Wordpress 2 Fusion Builder, Wordpress 2026-04-29 6.5 Medium
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0.