Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (1234 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-60085 2 Themerex Group, Wordpress 2 Learnify, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Learnify <= 1.15.0 versions.
CVE-2025-69107 2 Themerex, Wordpress 2 Rosaleen, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Rosaleen <= 2.8 versions.
CVE-2025-69109 2 Themerex, Wordpress 2 Raider Spirit, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Raider Spirit <= 1.1.2 versions.
CVE-2025-69119 2 Themerex, Wordpress 2 Corbesier, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Corbesier <= 1.15.0 versions.
CVE-2025-69121 2 Themerex, Wordpress 2 Deliciosa, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Deliciosa <= 1.10.0 versions.
CVE-2025-69125 2 Themerex, Wordpress 2 Food Drop, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Food Drop <= 1.3 versions.
CVE-2025-69136 2 Themelogi, Wordpress 2 Wanium, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Wanium <= 1.9.8 versions.
CVE-2025-69141 2 Themerex, Wordpress 2 Kelly Young, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Kelly Young <= 1.1.0 versions.
CVE-2025-69149 2 Themerex, Wordpress 2 Top Dog, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Top Dog <= 1.0.5 versions.
CVE-2025-69177 2 Themelogi, Wordpress 2 Roneous, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions.
CVE-2025-69178 2 Cactusthemes, Wordpress 2 Truemag, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions.
CVE-2026-34893 2 Webgeniuslab, Wordpress 2 Thegov Core, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions.
CVE-2026-34894 2 Webgeniuslab, Wordpress 2 Integrio Core, Wordpress 2026-06-23 8.1 High
Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions.
CVE-2026-7515 2 Betterdocs, Wordpress 2 Betterdocs Pro, Wordpress 2026-06-22 9.8 Critical
The BetterDocs Pro plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 3.8.0 via the `doc_style` parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
CVE-2019-25760 1 Joomtech 1 Easy Shop 2026-06-22 6.2 Medium
Joomla! Component Easy Shop 1.2.3 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by supplying base64-encoded file paths. Attackers can send GET requests to index.php with the option parameter set to com_easyshop, task set to ajax.loadImage, and a base64-encoded file path in the file parameter to retrieve sensitive files like configuration.php and system files.
CVE-2026-34895 2 Webgeniuslab, Wordpress 2 Softlab Core, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions.
CVE-2025-69110 2 Themerex, Wordpress 2 Airsupply, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in AirSupply <= 2.0.0 versions.
CVE-2025-69161 2 Themerex, Wordpress 2 Snowy, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Snowy <= 1.13 versions.
CVE-2025-69171 2 Themerex, Wordpress 2 Orpheus, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Orpheus <= 1.3 versions.
CVE-2026-39582 2 Wordpress, Xtemos 2 Wordpress, Hitek 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Hitek < 1.8.3 versions.