CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10786 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-27008			2026-04-29	7.5 High
Missing Authorization vulnerability in NotFound Unlimited Timeline unlimited-timeline allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Unlimited Timeline: from n/a through < 1.6.1.
CVE-2025-26958	1 Wordpress	1 Wordpress	2026-04-29	7.5 High
Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through <= 2.4.3.
CVE-2025-26953	1 Wordpress	1 Wordpress	2026-04-29	7.5 High
Missing Authorization vulnerability in Crocoblock JetMenu jet-menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetMenu: from n/a through <= 2.4.9.
CVE-2025-26942	1 Wordpress	1 Wordpress	2026-04-29	7.5 High
Missing Authorization vulnerability in Crocoblock JetTricks jet-tricks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetTricks: from n/a through <= 1.5.1.
CVE-2025-24643	1 Wordpress	1 Wordpress	2026-04-29	6.5 Medium
Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPGuppy: from n/a through <= 1.1.0.
CVE-2025-24606			2026-04-29	6.4 Medium
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.1.
CVE-2025-24607	1 Northernbeacheswebsites	1 Ideapush	2026-04-29	5.8 Medium
Missing Authorization vulnerability in Northern Beaches Websites IdeaPush ideapush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through <= 8.71.
CVE-2024-56067	1 Wordpress	1 Wordpress	2026-04-29	7.5 High
Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
CVE-2025-22698			2026-04-29	6.3 Medium
Missing Authorization vulnerability in Ability, Inc Accessibility Suite online-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Suite: from n/a through <= 4.18.
CVE-2024-52480	1 Astoundify	2 Jobify, Jobify-job Board	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Astoundify Jobify jobify.This issue affects Jobify: from n/a through < 4.3.0.
CVE-2023-51360	1 Wpdeveloper	1 Essential Blocks	2026-04-29	6.5 Medium
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through <= 4.2.0.
CVE-2023-49859	1 Wordpress	1 Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in Marcus (aka @msykes) Login With Ajax login-with-ajax allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login With Ajax: from n/a through <= 4.1.
CVE-2023-50373	1 Wpsaad	1 Alt Manager	2026-04-29	5.3 Medium
Missing Authorization vulnerability in WPSAAD Alt Manager alt-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Alt Manager: from n/a through <= 1.6.1.
CVE-2023-51359	1 Wpdeveloper	1 Essential Blocks	2026-04-29	5.4 Medium
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through <= 4.2.0.
CVE-2023-51362	1 Premio	1 All In One Floating Contact Form My Sticky Elements	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through <= 2.1.3.
CVE-2023-50903	1 Wpmet	1 Metform Elementor Contact Form Builder	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Roxnor Metform metform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Metform: from n/a through <= 3.4.0.
CVE-2023-51355	1 Multivendorx	1 Wc Marketplace	2026-04-29	8.2 High
Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiVendorX: from n/a through <= 4.0.23.
CVE-2023-48739			2026-04-29	5.3 Medium
Missing Authorization vulnerability in Porto Theme Porto Theme - Functionality porto-functionality allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Porto Theme - Functionality: from n/a through < 2.12.1.
CVE-2023-49754	1 Wordpress	1 Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in Yogesh Pawar Bulk Edit Post Titles bulk-edit-post-titles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Edit Post Titles: from n/a through <= 5.0.0.
CVE-2023-51357	1 Conversios	1 Conversios.io	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conversios.io: from n/a through <= 6.5.0.

« first previous Page 19 of 540. next last »