Tetra\ CVEs and Security Vulnerabilities

Export limit exceeded: 346623 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 31), (line:1, col:32)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346623 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-68040	2 Wedevs, Wordpress	2 Wp Project Manager, Wordpress	2026-04-23	6.5 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in weDevs WP Project Manager wedevs-project-manager allows Retrieve Embedded Sensitive Data.This issue affects WP Project Manager: from n/a through <= 3.0.1.
CVE-2025-68036	2 Emraan Cheema, Wordpress	2 Cubewp, Wordpress	2026-04-23	7.5 High
Missing Authorization vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CubeWP: from n/a through <= 1.1.27.
CVE-2025-68033	2 Brechtvds, Wordpress	2 Custom Related Posts, Wordpress	2026-04-23	7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Brecht Custom Related Posts custom-related-posts allows Retrieve Embedded Sensitive Data.This issue affects Custom Related Posts: from n/a through <= 1.8.0.
CVE-2025-68028	2 Passionate Brains, Wordpress	2 Ga4wp: Google Analytics For Wordpress, Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from n/a through <= 2.10.0.
CVE-2025-68025	2 Addonify, Wordpress	2 Addonify Floating Cart For Woocommerce, Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in Addonify Addonify Floating Cart For WooCommerce addonify-floating-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify Floating Cart For WooCommerce: from n/a through <= 1.2.17.
CVE-2025-68023	2 Addonify, Wordpress	2 Addonify – Compare Products For Woocommerce, Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in Addonify Addonify – Compare Products For WooCommerce addonify-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify – Compare Products For WooCommerce: from n/a through <= 1.1.17.
CVE-2025-68022	2 Soporteblue, Wordpress	2 Plugin Bluex For Woocommerce, Wordpress	2026-04-23	7.3 High
Missing Authorization vulnerability in soporteblue Plugin BlueX for WooCommerce bluex-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Plugin BlueX for WooCommerce: from n/a through <= 3.1.6.
CVE-2025-68021	2 Conveythis, Wordpress	2 Conveythis, Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through <= 269.9.
CVE-2025-68017	2 Antideo, Wordpress	2 Email Validator, Wordpress	2026-04-23	7.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Antideo Antideo Email Validator antideo-email-validator allows Blind SQL Injection.This issue affects Antideo Email Validator: from n/a through <= 1.0.10.
CVE-2025-68014	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in awethemes AweBooking awebooking allows Retrieve Embedded Sensitive Data.This issue affects AweBooking: from n/a through <= 3.2.26.
CVE-2025-68005	2 Themewant, Wordpress	2 Easy Hotel Booking, Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in themewant Easy Hotel Booking easy-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Hotel Booking: from n/a through <= 1.9.2.
CVE-2025-68001	1 Wordpress	1 Wordpress	2026-04-23	10 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in garidium g-FFL Checkout g-ffl-checkout allows Upload a Web Shell to a Web Server.This issue affects g-FFL Checkout: from n/a through <= 2.1.0.
CVE-2025-68000	2 Pickplugins, Wordpress	2 Testimonial Slider, Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through <= 2.0.15.
CVE-2025-67994	2 Wordpress, Yaycommerce	2 Wordpress, Yaycurrency	2026-04-23	7.5 High
Missing Authorization vulnerability in YayCommerce YayCurrency yaycurrency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayCurrency: from n/a through <= 3.3.
CVE-2025-67977	2 Villatheme, Wordpress	2 Happy, Wordpress	2026-04-23	8.2 High
Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through <= 1.0.8.
CVE-2025-67975	2 Adirectory, Wordpress	2 Adirectory, Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in aDirectory aDirectory adirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects aDirectory: from n/a through <= 3.0.3.
CVE-2025-67974	2 Wordpress, Wplegalpages	2 Wordpress, Wp Legal Pages	2026-04-23	7.5 High
Missing Authorization vulnerability in WP Legal Pages WPLegalPages wplegalpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLegalPages: from n/a through <= 3.5.4.
CVE-2025-67973	2 Sunshinephotocart, Wordpress	2 Sunshine Photo Cart, Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.6.2.
CVE-2025-67970	2 Vertim, Wordpress	2 Schedula, Wordpress	2026-04-23	5.9 Medium
Missing Authorization vulnerability in vertim Schedula schedula-smart-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Schedula: from n/a through <= 1.0.
CVE-2024-10242	1 Wso2	2 Api Manager, Wso2 Api Manager	2026-04-23	6.1 Medium
The authentication endpoint fails to adequately validate user-supplied input before reflecting it back in the response. This allows an attacker to inject malicious script payloads into the input parameters, which are then executed by the victim's browser. Successful exploitation can enable an attacker to redirect the user's browser to a malicious website, modify the UI of the web page, or retrieve information from the browser. However, the impact is limited as session-related sensitive cookies are protected by the httpOnly flag, preventing session hijacking.

« first previous Page 126 of 17332. next last »