CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 20403 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 10817 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10817 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-62037	1 Wordpress	1 Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
CVE-2025-62046	2 Codexthemes, Wordpress	2 Thegem, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in CodexThemes TheGem Demo Import (for WPBakery) thegem-importer.This issue affects TheGem Demo Import (for WPBakery): from n/a through <= 5.10.5.
CVE-2025-62049	2 Stylemixthemes, Wordpress	2 Cost Calculator Builder, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder.This issue affects Cost Calculator Builder: from n/a through <= 3.5.32.
CVE-2025-62914	2 Anibalwainstein, Wordpress	2 Effect Maker, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in anibalwainstein Effect Maker effect-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Effect Maker: from n/a through <= 1.2.1.
CVE-2025-64259	2 Jeroen Schmit, Wordpress	2 Theater For Wordpress, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theater for WordPress: from n/a through <= 0.18.8.
CVE-2025-64261	2 Codepeople, Wordpress	2 Appointment Booking Calendar, Wordpress	2026-04-24	5.4 Medium
Missing Authorization vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointment Booking Calendar: from n/a through <= 1.3.95.
CVE-2025-64263	1 Wordpress	1 Wordpress	2026-04-24	5.4 Medium
Missing Authorization vulnerability in PluginEver WP Content Pilot wp-content-pilot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Content Pilot: from n/a through <= 2.1.7.
CVE-2025-64265	2 N-media, Wordpress	2 Frontend File Manager, Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through <= 23.2.
CVE-2025-64269	2 Edgarrojas, Wordpress	2 Woocommerce Pdf Invoice Builder, Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoice Builder: from n/a through <= 1.2.150.
CVE-2025-64274	2 Wordpress, Wpkoi	2 Wordpress, Wpkoi Templates For Elementor	2026-04-24	4.3 Medium
Missing Authorization vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPKoi Templates for Elementor: from n/a through <= 3.4.4.
CVE-2025-64277	2 Quantumcloud, Wordpress	2 Chatbot, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.3.9.
CVE-2025-64370	2 Wordpress, Yop-poll	3 Wordpress, Yop-poll, Yop Poll	2026-04-24	5.3 Medium
Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YOP Poll: from n/a through <= 6.5.38.
CVE-2025-64384	1 Wordpress	1 Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetFormBuilder: from n/a through <= 3.5.3.
CVE-2025-58877	2 Javothemes, Wordpress	2 Javo Core, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in javothemes Javo Core javo-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Javo Core: from n/a through <= 3.0.0.529.
CVE-2025-62867	1 Wordpress	1 Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in ergonet Ergonet Cache ergonet-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ergonet Cache: from n/a through <= 1.0.13.
CVE-2025-60077	1 Wordpress	1 Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in YayCommerce YayPricing yaypricing allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects YayPricing: from n/a through <= 3.5.3.
CVE-2025-60079	1 Wordpress	1 Wordpress	2026-04-24	7.1 High
Missing Authorization vulnerability in bPlugins Parallax Section block parallax-section allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Parallax Section block: from n/a through <= 1.0.9.
CVE-2025-60086	2 Matt, Wordpress	2 Wp Voting Contest, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in Matt WP Voting Contest wp-voting-contest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Voting Contest: from n/a through <= 5.8.
CVE-2025-60088	2 Saleswonder, Wordpress	2 Webinarignition, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebinarIgnition: from n/a through <= 4.06.04.
CVE-2025-64209	2 Stylemixthemes, Wordpress	2 Masterstudy Lms, Wordpress	2026-04-24	7.5 High
Missing Authorization vulnerability in StylemixThemes Masterstudy masterstudy allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Masterstudy: from n/a through < 4.8.122.

« first previous Page 67 of 541. next last »