Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6457 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-68568 2 Popup Builder, Wordpress 2 Popup Builder, Wordpress 2026-01-20 7.5 High
Missing Authorization vulnerability in integrationclaspo Popup Builder: Exit-Intent pop-up, Spin the Wheel, Newsletter signup, Email Capture &amp; Lead Generation forms maker claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Builder: Exit-Intent pop-up, Spin the Wheel, Newsletter signup, Email Capture &amp; Lead Generation forms maker: from n/a through <= 1.0.5.
CVE-2025-68565 1 Wordpress 1 Wordpress 2026-01-20 9.8 Critical
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through <= 2.1.3.
CVE-2025-68557 1 Wordpress 1 Wordpress 2026-01-20 4.3 Medium
Missing Authorization vulnerability in Vikas Ratudi Chakra test allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chakra test: from n/a through 1.0.1.
CVE-2025-68556 2 Villatheme, Wordpress 2 Happy, Wordpress 2026-01-20 5.3 Medium
Missing Authorization vulnerability in VillaTheme HAPPY allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through 1.0.9.
CVE-2025-68547 1 Wordpress 1 Wordpress 2026-01-20 7.5 High
Missing Authorization vulnerability in WPweb Follow My Blog Post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Follow My Blog Post: from n/a through 2.4.0.
CVE-2025-68535 2 Sunshinephotocart, Wordpress 2 Sunshine Photo Cart, Wordpress 2026-01-20 9.1 Critical
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.7.1.
CVE-2025-68523 2 Spiffyplugins, Wordpress 2 Spiffy Calendar, Wordpress 2026-01-20 8.1 High
Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spiffy Calendar: from n/a through <= 5.0.7.
CVE-2025-68522 2 Wordpress, Wpstream 2 Wordpress, Wpstream 2026-01-20 8.8 High
Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through <= 4.9.5.
CVE-2025-68521 2 Wordpress, Wpstream 2 Wordpress, Wpstream 2026-01-20 8.8 High
Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through <= 4.9.5.
CVE-2025-68517 2 Essekia, Wordpress 2 Tablesome Table, Wordpress 2026-01-20 8.1 High
Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.35.1.
CVE-2025-68511 2 Jegstudio, Wordpress 2 Gutenverse, Wordpress 2026-01-20 9.1 Critical
Missing Authorization vulnerability in Jegstudio Gutenverse Form gutenverse-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse Form: from n/a through <= 2.3.1.
CVE-2025-68508 2 Brave, Wordpress 2 Brave Popup Builder, Wordpress 2026-01-20 9.1 Critical
Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through <= 0.8.3.
CVE-2025-68505 2 H5p, Wordpress 2 H5p, Wordpress 2026-01-20 8.8 High
Missing Authorization vulnerability in icc0rz H5P h5p allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects H5P: from n/a through <= 1.16.1.
CVE-2025-68503 1 Wordpress 1 Wordpress 2026-01-20 6.5 Medium
Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through 2.4.7.
CVE-2025-68498 2 Crocoblock, Wordpress 2 Jettabs, Wordpress 2026-01-20 6.5 Medium
Missing Authorization vulnerability in Crocoblock JetTabs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetTabs: from n/a through 2.2.12.
CVE-2025-68088 2 Merkulove, Wordpress 2 Huger For Elementor, Wordpress 2026-01-20 5.4 Medium
Missing Authorization vulnerability in merkulove Huger for Elementor huger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Huger for Elementor: from n/a through <= 1.1.5.
CVE-2025-68087 2 Merkulove, Wordpress 2 Modalier For Elementor, Wordpress 2026-01-20 5.4 Medium
Missing Authorization vulnerability in merkulove Modalier for Elementor modalier-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modalier for Elementor: from n/a through <= 1.0.6.
CVE-2025-68086 2 Merkulove, Wordpress 2 Reformer For Elementor, Wordpress 2026-01-20 5.4 Medium
Missing Authorization vulnerability in merkulove Reformer for Elementor reformer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reformer for Elementor: from n/a through <= 1.0.6.
CVE-2025-68085 2 Merkulove, Wordpress 2 Buttoner For Elementor, Wordpress 2026-01-20 5.4 Medium
Missing Authorization vulnerability in merkulove Buttoner for Elementor buttoner-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Buttoner for Elementor: from n/a through <= 1.0.6.
CVE-2025-68084 2 Nitesh Singh, Wordpress 2 Ultimate Wordpress Auction Plugin, Wordpress 2026-01-20 5.4 Medium
Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through <= 4.3.2.