CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10809 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-68587	1 Wordpress	1 Wordpress	2026-04-27	4.3 Medium
Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watu Quiz: from n/a through <= 3.4.5.
CVE-2025-68582	2 Funnelforms, Wordpress	3 Funnelforms, Funnelforms Free, Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in Funnelforms Funnelforms Free funnelforms-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Funnelforms Free: from n/a through <= 3.8.
CVE-2025-68581	1 Wordpress	1 Wordpress	2026-04-27	5.4 Medium
Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-builders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH Slider for page builders: from n/a through <= 1.0.11.
CVE-2025-68579	1 Wordpress	1 Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in FolioVision FV Simpler SEO fv-all-in-one-seo-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FV Simpler SEO: from n/a through <= 1.9.6.
CVE-2025-68578	1 Wordpress	1 Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in Addonify Addonify addonify-quick-view allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify: from n/a through <= 2.0.4.
CVE-2025-68577	1 Wordpress	1 Wordpress	2026-04-27	4.3 Medium
Missing Authorization vulnerability in Virusdie Virusdie virusdie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Virusdie: from n/a through <= 1.1.6.
CVE-2025-68572	2 Spider-themes, Wordpress	2 Bbp Core, Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in Spider Themes BBP Core bbp-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BBP Core: from n/a through <= 1.4.1.
CVE-2025-68571	2 Salesmanago, Wordpress	2 Salesmanago, Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in SALESmanago SALESmanago & Leadoo salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago & Leadoo: from n/a through <= 3.9.0.
CVE-2025-68569	2 Codepeople, Wordpress	2 Wp Time Slots Booking Form, Wordpress	2026-04-27	6.5 Medium
Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through <= 1.2.39.
CVE-2025-68565	1 Wordpress	1 Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through <= 2.1.3.
CVE-2025-68564	2 Sendy, Wordpress	2 Sendy, Wordpress	2026-04-27	6.5 Medium
Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through <= 3.4.2.
CVE-2025-68535	2 Sunshinephotocart, Wordpress	2 Sunshine Photo Cart, Wordpress	2026-04-27	4.3 Medium
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.7.1.
CVE-2025-68523	2 Spiffyplugins, Wordpress	2 Spiffy Calendar, Wordpress	2026-04-27	4.3 Medium
Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spiffy Calendar: from n/a through <= 5.0.7.
CVE-2025-68522	2 Wordpress, Wpstream	2 Wordpress, Wpstream	2026-04-27	4.3 Medium
Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through <= 4.9.5.
CVE-2025-68521	2 Wordpress, Wpstream	2 Wordpress, Wpstream	2026-04-27	5.3 Medium
Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through <= 4.9.5.
CVE-2025-68517	2 Essekia, Wordpress	2 Tablesome Table, Wordpress	2026-04-27	5.4 Medium
Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.35.1.
CVE-2025-68511	2 Jegstudio, Wordpress	2 Gutenverse, Wordpress	2026-04-27	6.5 Medium
Missing Authorization vulnerability in Jegstudio Gutenverse Form gutenverse-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse Form: from n/a through <= 2.3.1.
CVE-2025-68505	2 H5p, Wordpress	2 H5p, Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in icc0rz H5P h5p allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects H5P: from n/a through <= 1.16.1.
CVE-2025-68022	2 Soporteblue, Wordpress	2 Plugin Bluex For Woocommerce, Wordpress	2026-04-27	7.3 High
Missing Authorization vulnerability in soporteblue Plugin BlueX for WooCommerce bluex-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Plugin BlueX for WooCommerce: from n/a through <= 3.1.6.
CVE-2025-63063	1 Wordpress	1 Wordpress	2026-04-27	5.3 Medium
Missing Authorization vulnerability in Yandex Metrika Yandex.Metrica wp-yandex-metrika allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yandex.Metrica: from n/a through <= 1.2.2.

« first previous Page 59 of 541. next last »