Export limit exceeded: 78825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (78825 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-49279 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogvy blogvy allows PHP Local File Inclusion.This issue affects Blogvy: from n/a through <= 1.0.7. | ||||
| CVE-2025-49278 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogty blogty allows PHP Local File Inclusion.This issue affects Blogty: from n/a through <= 1.0.11. | ||||
| CVE-2025-49277 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogprise blogprise allows PHP Local File Inclusion.This issue affects Blogprise: from n/a through <= 1.0.9. | ||||
| CVE-2025-49276 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogmine blogmine allows PHP Local File Inclusion.This issue affects Blogmine: from n/a through <= 1.1.7. | ||||
| CVE-2025-49275 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogbyte blogbyte allows PHP Local File Inclusion.This issue affects Blogbyte: from n/a through <= 1.1.1. | ||||
| CVE-2025-49274 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awordpresslife Neom Blog neom-blog allows Reflected XSS.This issue affects Neom Blog: from n/a through <= 0.0.9. | ||||
| CVE-2025-49271 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GravityWP GravityWP - Merge Tags gravitywp-merge-tags allows PHP Local File Inclusion.This issue affects GravityWP - Merge Tags: from n/a through <= 1.4.4. | ||||
| CVE-2026-30707 | 1 Speedexam | 1 Online Examination System | 2026-04-23 | 8.1 High |
| An issue was discovered in SpeedExam Online Examination System (SaaS) after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The provider states that this issue is "Fixed in [02/2026] backend service update." | ||||
| CVE-2025-49267 | 2 Dynamiapps, Wordpress | 2 Frontend Admin, Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps acf-frontend-form-element allows Blind SQL Injection.This issue affects Frontend Admin by DynamiApps: from n/a through <= 3.28.3. | ||||
| CVE-2025-49266 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rustaurius Ultimate Reviews ultimate-reviews allows Reflected XSS.This issue affects Ultimate Reviews: from n/a through <= 3.2.14. | ||||
| CVE-2025-49265 | 1 Wpswings | 1 Membership For Woocommerce | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Membership For WooCommerce: from n/a through <= 2.8.1. | ||||
| CVE-2025-49264 | 1 Wordpress | 2 Cloud Saml Sso, Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login cloud-sso-single-sign-on allows PHP Local File Inclusion.This issue affects Cloud SAML SSO - Single Sign On Login: from n/a through <= 1.0.18. | ||||
| CVE-2025-49263 | 1 Wcvendors | 1 Wc Vendors Marketplace | 2026-04-23 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WCVendors WC Vendors Marketplace wc-vendors allows Blind SQL Injection.This issue affects WC Vendors Marketplace: from n/a through <= 2.5.6. | ||||
| CVE-2025-49262 | 1 Sinaextra | 1 Sina Extension For Elementor | 2026-04-23 | 7.6 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shaonsina Sina Extension for Elementor sina-extension-for-elementor allows Stored XSS.This issue affects Sina Extension for Elementor: from n/a through <= 3.6.1. | ||||
| CVE-2025-49261 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Diza diza allows PHP Local File Inclusion.This issue affects Diza: from n/a through <= 1.3.8. | ||||
| CVE-2025-49260 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through <= 1.3.9. | ||||
| CVE-2025-49259 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through <= 1.2.10. | ||||
| CVE-2025-49258 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Maia maia allows PHP Local File Inclusion.This issue affects Maia: from n/a through <= 1.1.15. | ||||
| CVE-2025-49257 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through <= 1.3.8. | ||||
| CVE-2025-49256 | 2026-04-23 | 8.1 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Sapa sapa allows PHP Local File Inclusion.This issue affects Sapa: from n/a through <= 1.1.14. | ||||