Search

Expected end of text, found '\' (at char 27), (line:1, col:28)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346123 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-28108 2 Lambertgroup, Wordpress 2 Lambertgroup - Allinone - Banner With Thumbnails, Wordpress 2026-04-22 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Thumbnails all-in-one-thumbnailsBanner allows Reflected XSS.This issue affects LambertGroup - AllInOne - Banner with Thumbnails: from n/a through <= 3.8.
CVE-2026-28118 2 Axiomthemes, Wordpress 2 Welldone, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Welldone welldone allows PHP Local File Inclusion.This issue affects Welldone: from n/a through <= 2.4.
CVE-2026-28122 2 Cridio, Wordpress 2 Listingpro, Wordpress 2026-04-22 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CridioStudio ListingPro listingpro-plugin allows Reflected XSS.This issue affects ListingPro: from n/a through <= 2.9.8.
CVE-2026-28126 2 Sizam, Wordpress 2 Rh Frontend Publishing Pro, Wordpress 2026-04-22 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sizam RH Frontend Publishing Pro rh-frontend allows Reflected XSS.This issue affects RH Frontend Publishing Pro: from n/a through < 4.3.4.
CVE-2026-28098 2 Themerex, Wordpress 2 Save Life, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through <= 1.2.13.
CVE-2026-28100 2 Lambertgroup, Wordpress 2 Uberslider Perpetuummobile, Wordpress 2026-04-22 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider PerpetuumMobile uberSlider_perpetuummobile allows Reflected XSS.This issue affects UberSlider PerpetuumMobile: from n/a through <= 2.3.
CVE-2026-28032 2 Themerex, Wordpress 2 Tuning, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Tuning tuning allows PHP Local File Inclusion.This issue affects Tuning: from n/a through <= 1.3.
CVE-2026-28066 2 Themerex, Wordpress 2 Legrand, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Legrand legrand allows PHP Local File Inclusion.This issue affects Legrand: from n/a through <= 2.17.
CVE-2026-28137 2 Quanticalabs, Wordpress 2 Medicenter - Health Medical Clinic, Wordpress 2026-04-22 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs MediCenter - Health Medical Clinic medicenter allows Reflected XSS.This issue affects MediCenter - Health Medical Clinic: from n/a through <= 14.9.
CVE-2026-28078 2 Stylemixthemes, Wordpress 2 Ulisting, Wordpress 2026-04-22 4.9 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Stylemix uListing ulisting allows Path Traversal.This issue affects uListing: from n/a through <= 2.2.0.
CVE-2026-28081 2 Themerex, Wordpress 2 Windsor, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Windsor windsor allows PHP Local File Inclusion.This issue affects Windsor: from n/a through <= 2.5.0.
CVE-2026-28089 2 Themerex, Wordpress 2 Daiquiri, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Daiquiri daiquiri allows PHP Local File Inclusion.This issue affects Daiquiri: from n/a through <= 1.2.4.
CVE-2026-28099 2 Lambertgroup, Wordpress 2 Uberslider Ultra, Wordpress 2026-04-22 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider Ultra uberSlider_ultra allows Reflected XSS.This issue affects UberSlider Ultra: from n/a through <= 2.3.
CVE-2026-28104 2 Aryan Shirani Bid Abadi, Wordpress 2 Site Suggest, Wordpress 2026-04-22 6.5 Medium
Missing Authorization vulnerability in Aryan Shirani Bid Abadi Site Suggest site-suggest allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Site Suggest: from n/a through <= 1.3.9.
CVE-2026-28120 2 Themerex, Wordpress 2 Dr.patterson, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Dr.Patterson dr-patterson allows PHP Local File Inclusion.This issue affects Dr.Patterson: from n/a through <= 1.3.2.
CVE-2026-28127 2 E-plugins, Wordpress 2 Lawyer Directory, Wordpress 2026-04-22 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Lawyer Directory lawyer-directory allows Reflected XSS.This issue affects Lawyer Directory: from n/a through <= 1.3.2.
CVE-2026-28051 2 Themerex, Wordpress 2 Yacht Rental, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Yacht Rental yacht-rental allows PHP Local File Inclusion.This issue affects Yacht Rental: from n/a through <= 2.6.
CVE-2026-28059 2 Themerex, Wordpress 2 Dermatology Clinic, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Dermatology Clinic dermatology-clinic allows PHP Local File Inclusion.This issue affects Dermatology Clinic: from n/a through <= 1.4.3.
CVE-2026-28063 2 Themerex, Wordpress 2 Asia Garden, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Asia Garden asia-garden allows PHP Local File Inclusion.This issue affects Asia Garden: from n/a through <= 1.3.1.
CVE-2026-28065 2 Themerex, Wordpress 2 Eject, Wordpress 2026-04-22 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Eject eject allows PHP Local File Inclusion.This issue affects Eject: from n/a through <= 2.17.