Export limit exceeded: 346208 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 346208 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 346208 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 346208 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 25), (line:1, col:26)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346208 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-69359 2 Wordpress, Wpfunnels 2 Wordpress, Creator Lms 2026-04-23 5.3 Medium
Missing Authorization vulnerability in WPFunnels Creator LMS creatorlms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Creator LMS: from n/a through <= 1.1.12.
CVE-2025-69358 2 Metagauss, Wordpress 2 Eventprime, Wordpress 2026-04-23 7.5 High
Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through <= 4.2.6.0.
CVE-2025-69355 2 Tickera, Wordpress 2 Tickera, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through <= 3.5.6.4.
CVE-2025-69354 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in BBR Plugins Better Business Reviews better-business-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Business Reviews: from n/a through <= 0.1.1.
CVE-2025-69353 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Proxy &amp; VPN Blocker Proxy &amp; VPN Blocker proxy-vpn-blocker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Proxy &amp; VPN Blocker: from n/a through <= 3.5.3.
CVE-2025-69352 2 Stellarwp, Wordpress 2 The Events Calendar, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in StellarWP The Events Calendar the-events-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Events Calendar: from n/a through <= 6.15.12.2.
CVE-2025-69351 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjahan Jewel Ninja Tables ninja-tables allows Blind SQL Injection.This issue affects Ninja Tables: from n/a through <= 5.2.4.
CVE-2025-69350 2 Themepoints, Wordpress 2 Accordion, Wordpress 2026-04-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Accordion accordions-wp allows Stored XSS.This issue affects Accordion: from n/a through <= 3.0.3.
CVE-2025-69349 2 Fahadmahmood, Wordpress 2 Rss Feed Widget, Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in Fahad Mahmood RSS Feed Widget rss-feed-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RSS Feed Widget: from n/a through <= 3.0.2.
CVE-2025-69348 2 Coolhappy, Wordpress 2 The Events Calendar Countdown Addon, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in CoolHappy The Events Calendar Countdown Addon countdown-for-the-events-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Events Calendar Countdown Addon: from n/a through <= 1.4.15.
CVE-2025-69347 2 Convers Lab, Wordpress 2 Wpsubscription, Wordpress 2026-04-23 8.6 High
Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSubscription: from n/a through <= 1.8.10.
CVE-2025-69346 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in WPCenter AffiliateX affiliatex allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AffiliateX: from n/a through <= 1.3.9.3.
CVE-2025-69345 2 Boldgrid, Wordpress 2 Post And Page Builder, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post and Page Builder by BoldGrid: from n/a through <= 1.27.9.
CVE-2025-69344 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in themehunk Oneline Lite oneline-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Oneline Lite: from n/a through <= 6.6.
CVE-2025-69341 1 Wordpress 1 Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in BuddhaThemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through <= 1.0.3.
CVE-2025-69340 2 Buddhathemes, Wordpress 2 Wedesigntech Ultimate Booking Addon, Wordpress 2026-04-23 7.5 High
Missing Authorization vulnerability in BuddhaThemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through <= 1.0.3.
CVE-2025-69335 2 Themepoints, Wordpress 2 Team Showcase, Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Team Showcase team-showcase allows Stored XSS.This issue affects Team Showcase: from n/a through <= 2.9.
CVE-2025-69333 2 Crocoblock, Wordpress 2 Jetengine, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through <= 3.8.1.1.
CVE-2025-69327 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in magepeopleteam Car Rental Manager car-rental-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Rental Manager: from n/a through <= 1.0.9.
CVE-2025-69317 2 Scriptsbundle, Wordpress 2 Carspot, Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scriptsbundle CarSpot carspot allows Reflected XSS.This issue affects CarSpot: from n/a through < 2.4.6.