CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 19355 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 11130 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11130 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-52800	1 Wordpress	1 Wordpress	2026-04-23	7.3 High
Missing Authorization vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP profitori allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects The E-Commerce ERP: from n/a through <= 2.1.1.3.
CVE-2025-52785	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Missing Authorization vulnerability in softnwords SMM API smm-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMM API: from n/a through <= 6.0.31.
CVE-2025-52775	2 Ronik Unlimitedwp, Wordpress	2 Project Cost Calculator, Wordpress	2026-04-23	7.1 High
Missing Authorization vulnerability in Ronik@UnlimitedWP Project Cost Calculator project-cost-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Project Cost Calculator: from n/a through <= 1.0.0.
CVE-2025-52757	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SUMO Memberships for WooCommerce: from n/a through < 7.8.0.
CVE-2025-52731	2 Themefunction, Wordpress	2 Wordpress Event Manager Event Calendar And Booking Plugin, Wordpress	2026-04-23	7.5 High
Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through <= 4.0.24.
CVE-2025-50039	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in vgwort VG WORT METIS vgw-metis allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VG WORT METIS: from n/a through <= 2.0.1.
CVE-2025-50031	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in syedamirhussain91 DB Backup db-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DB Backup: from n/a through <= 6.0.
CVE-2025-50029	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in Ashish AI Tools artificial-intelligence-auto-content-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Tools: from n/a through <= 4.0.7.
CVE-2025-50028			2026-04-23	6.5 Medium
Missing Authorization vulnerability in CodeSolz Ultimate Push Notifications ultimate-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Push Notifications: from n/a through <= 1.2.0.
CVE-2025-50010			2026-04-23	5.4 Medium
Missing Authorization vulnerability in Zapier Zapier for WordPress zapier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zapier for WordPress: from n/a through <= 1.5.2.
CVE-2025-50009			2026-04-23	5.4 Medium
Missing Authorization vulnerability in Climax Themes Kata Plus kata-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kata Plus: from n/a through <= 1.5.3.
CVE-2025-49998			2026-04-23	5.4 Medium
Missing Authorization vulnerability in Wetail WooCommerce Fortnox Integration woocommerce-fortnox-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Fortnox Integration: from n/a through <= 4.5.5.
CVE-2025-49997			2026-04-23	5.3 Medium
Missing Authorization vulnerability in Syed Balkhi Giveaways and Contests by RafflePress rafflepress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Giveaways and Contests by RafflePress: from n/a through <= 1.12.18.
CVE-2025-49996			2026-04-23	5.3 Medium
Missing Authorization vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) wp-stats-manager allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through <= 8.4.
CVE-2025-49993			2026-04-23	5.3 Medium
Missing Authorization vulnerability in csarturas Cookie-Script.com cookie-script-com allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cookie-Script.com: from n/a through <= 1.2.1.
CVE-2025-49990			2026-04-23	5.3 Medium
Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contentstudio: from n/a through <= 1.3.7.
CVE-2025-49989			2026-04-23	5.3 Medium
Missing Authorization vulnerability in App Cheap App Builder app-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Builder: from n/a through <= 5.5.6.
CVE-2025-49988			2026-04-23	5.3 Medium
Missing Authorization vulnerability in Renzo Johnson Contact Form 7 AWeber Extension integrate-contact-form-7-and-aweber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 AWeber Extension: from n/a through <= 0.1.40.
CVE-2025-49987			2026-04-23	5.3 Medium
Missing Authorization vulnerability in WPFactory CRM ERP Business Solution crm-erp-business-solution allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CRM ERP Business Solution: from n/a through <= 1.13.
CVE-2025-49986			2026-04-23	5.3 Medium
Missing Authorization vulnerability in thanhtungtnt Video List Manager video-list-manager allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Video List Manager: from n/a through <= 1.7.

« first previous Page 115 of 557. next last »