CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 351412 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10817 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-64214	2 Stylemixthemes, Wordpress	2 Masterstudy Lms, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro masterstudy-lms-learning-management-system-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MasterStudy LMS Pro: from n/a through < 4.7.16.
CVE-2025-64222	3 Fantasticplugins, Woocommerce, Wordpress	3 Woocommerce Recover Abandoned Cart, Woocommerce, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in FantasticPlugins WooCommerce Recover Abandoned Cart rac allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Recover Abandoned Cart: from n/a through <= 24.6.0.
CVE-2025-64268	2 Arraytics, Wordpress	2 Timetics, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in Arraytics Timetics timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through <= 1.0.44.
CVE-2025-64273	2 Getresponse, Wordpress	2 Getresponse, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in GetResponse Email marketing for WordPress by GetResponse Official getresponse-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Email marketing for WordPress by GetResponse Official: from n/a through <= 1.5.3.
CVE-2025-64375	1 Wordpress	1 Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in Mahmudul Hasan Arif WP Social Ninja wp-social-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Ninja: from n/a through <= 3.20.1.
CVE-2025-64378	1 Wordpress	1 Wordpress	2026-04-24	7.1 High
Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through < 2.9.10.
CVE-2025-66054	2 Thimpress, Wordpress	2 Learnpress, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through <= 4.2.9.4.
CVE-2025-66070	1 Wordpress	1 Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum: from n/a through <= 2.4.10.
CVE-2025-66088	2 Propertyhive, Wordpress	2 Propertyhive, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in Property Hive PropertyHive propertyhive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PropertyHive: from n/a through <= 2.1.12.
CVE-2025-66100	2 Magnigenie, Wordpress	2 Restropress, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in Magnigenie RestroPress restropress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RestroPress: from n/a through <= 3.2.3.5.
CVE-2025-66117	2 Ays-pro, Wordpress	2 Easy Form, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form: from n/a through <= 2.7.8.
CVE-2025-68508	2 Brave, Wordpress	2 Brave Popup Builder, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through <= 0.8.3.
CVE-2025-68568	2 Popup Builder, Wordpress	2 Popup Builder, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Claspo Popup Builders Claspo – Popups, Spin the Wheel & Email Capture claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Claspo – Popups, Spin the Wheel & Email Capture: from n/a through <= 1.0.7.
CVE-2025-68586	2 Goratech, Wordpress	2 Cooked, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Gora Tech Cooked cooked allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cooked: from n/a through <= 1.11.3.
CVE-2025-68596	2 Bitapps, Wordpress	2 Bit Assist, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Bit Apps Bit Assist bit-assist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bit Assist: from n/a through <= 1.5.11.
CVE-2025-69015	2 Automattic, Wordpress	2 Crowdsignal Forms, Wordpress	2026-04-24	3.8 Low
Missing Authorization vulnerability in Automattic Crowdsignal Forms crowdsignal-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crowdsignal Forms: from n/a through <= 1.7.2.
CVE-2025-69024	1 Wordpress	1 Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in bizswoop BizPrint print-google-cloud-print-gcp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizPrint: from n/a through <= 4.6.7.
CVE-2025-69327	1 Wordpress	1 Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in magepeopleteam Car Rental Manager car-rental-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Rental Manager: from n/a through <= 1.0.9.
CVE-2025-69341	1 Wordpress	1 Wordpress	2026-04-24	5.4 Medium
Missing Authorization vulnerability in BuddhaThemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through <= 1.0.3.
CVE-2025-69345	2 Boldgrid, Wordpress	2 Post And Page Builder, Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post and Page Builder by BoldGrid: from n/a through <= 1.27.9.

« first previous Page 68 of 541. next last »