CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 10817 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10817 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-66104	1 Wordpress	1 Wordpress	2026-04-28	6.5 Medium
Missing Authorization vulnerability in Anton Vanyukov Offload, AI & Optimize with Cloudflare Images cf-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Offload, AI & Optimize with Cloudflare Images: from n/a through <= 1.9.5.
CVE-2025-63016	2 Quadlayers, Wordpress	2 Tiktok Feed, Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in quadlayers QuadLayers TikTok Feed wp-tiktok-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QuadLayers TikTok Feed: from n/a through <= 4.6.5.
CVE-2025-62909	1 Wordpress	1 Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in mrityunjay Smart WeTransfer smart-wetransfer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart WeTransfer: from n/a through <= 1.3.
CVE-2025-62916	1 Wordpress	1 Wordpress	2026-04-28	5.4 Medium
Missing Authorization vulnerability in Travon WP Flights & Hotels Booking WP Plugin adiaha-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flights & Hotels Booking WP Plugin: from n/a through <= 3.1.
CVE-2025-62906	1 Wordpress	1 Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Referral Link Tracker: from n/a through <= 1.1.4.
CVE-2025-62869	2 Gravitec.net, Wordpress	2 Web Push Notifications, Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net – Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net – Web Push Notifications: from n/a through <= 2.9.17.
CVE-2025-62116	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in quadlayers AI Copilot ai-copilot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Copilot: from n/a through <= 1.5.2.
CVE-2025-62092	2 Wiremo, Wordpress	2 Wiremo, Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Wiremo Wiremo woo-reviews-by-wiremo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wiremo: from n/a through <= 1.4.99.
CVE-2025-62081	3 Channelize.io, Woocommerce, Wordpress	3 Live Shopping & Shoppable Videos For Woocommerce, Woocommerce, Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Channelize.io Team Live Shopping & Shoppable Videos For WooCommerce live-shopping-video-streams allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Shopping & Shoppable Videos For WooCommerce: from n/a through <= 2.2.0.
CVE-2025-62085	2 Bertha, Wordpress	2 Bertha Ai, Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Bertha AI – Andrew Palmer BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BERTHA AI: from n/a through <= 1.13.
CVE-2025-62079	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Damian WP Export Categories & Taxonomies wp-export-categories-taxonomies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Export Categories & Taxonomies: from n/a through <= 1.0.3.
CVE-2025-60143	2 Netgsm, Wordpress	2 Netgsm, Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in netgsm Netgsm netgsm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Netgsm: from n/a through <= 2.9.69.
CVE-2025-60130	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in wedos.com WEDOS Global wgpwpp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WEDOS Global: from n/a through <= 1.2.2.
CVE-2025-58785			2026-04-28	5.4 Medium
Missing Authorization vulnerability in Jiro Sasamoto Ray Enterprise Translation lingotek-translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ray Enterprise Translation: from n/a through <= 1.7.2.
CVE-2025-58201	2 Aftership & Automizely, Wordpress	2 Aftership Tracking, Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in AfterShip & Automizely AfterShip Tracking aftership-woocommerce-tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AfterShip Tracking: from n/a through <= 1.17.17.
CVE-2025-58016	1 Wordpress	1 Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in Codexpert, Inc CF7 Submissions cf7-submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Submissions: from n/a through <= 0.26.
CVE-2025-58009	2 Cp Multi View Event Calendar Project, Wordpress	2 Cp Multi View Event Calendar, Wordpress	2026-04-28	3.8 Low
Missing Authorization vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through <= 1.4.35.
CVE-2025-57976	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in CardCom CardCom Payment Gateway woo-cardcom-payment-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CardCom Payment Gateway: from n/a through <= 3.5.0.7.
CVE-2025-53304	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Rohil Contact Form – 7 : Hide Success Message contact-form-7-hide-success-message allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contact Form – 7 : Hide Success Message: from n/a through <= 1.1.4.
CVE-2025-50034			2026-04-28	6.5 Medium
Missing Authorization vulnerability in Mahmudul Hasan Arif Enhanced Blocks – Page Builder Blocks for Gutenberg enhanced-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Blocks – Page Builder Blocks for Gutenberg: from n/a through <= 1.4.1.

« first previous Page 43 of 541. next last »