CWE-86 CVEs and Security Vulnerabilities

Export limit exceeded: 10809 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10809 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-24613	2 Lightspeedhq, Wordpress	2 Ecwid Ecommerce Shopping Cart, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through <= 7.0.6.
CVE-2026-24615	1 Wordpress	1 Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in themebeez Cream Magazine cream-magazine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Magazine: from n/a through <= 2.1.10.
CVE-2026-24619	2 Popcash, Wordpress	2 Popcash.net Code Integration Tool, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in PopCash PopCash.Net Code Integration Tool popcashnet-code-integration-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PopCash.Net Code Integration Tool: from n/a through <= 1.8.
CVE-2026-24622	1 Wordpress	1 Wordpress	2026-04-24	5.4 Medium
Missing Authorization vulnerability in Sergiy Dzysyak Suggestion Toolkit suggestion-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Suggestion Toolkit: from n/a through <= 5.0.
CVE-2026-24627	2 Trusona, Wordpress	2 Trusona For Wordpress, Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in Trusona Trusona for WordPress trusona allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trusona for WordPress: from n/a through <= 2.0.0.
CVE-2026-24633	2 Passionatebrains, Wordpress	2 Add Expires Headers \& Optimized Minify, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Passionate Brains Add Expires Headers & Optimized Minify add-expires-headers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Add Expires Headers & Optimized Minify: from n/a through <= 3.2.0.
CVE-2026-24636	1 Wordpress	1 Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in Syed Balkhi Sugar Calendar (Lite) sugar-calendar-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sugar Calendar (Lite): from n/a through <= 3.9.1.
CVE-2026-23543	2 Wordpress, Wpdeveloper	2 Wordpress, Essential Addons For Elementor	2026-04-24	5.3 Medium
Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through <= 6.5.5.
CVE-2026-23548	2 Designinvento, Wordpress	2 Directorypress, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through <= 3.6.25.
CVE-2026-25370	2 Aresit, Wordpress	2 Wp Compress, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress: from n/a through <= 6.60.28.
CVE-2026-25387	2 Elementor, Wordpress	2 Image Optimizer By Elementor, Wordpress	2026-04-24	4.3 Medium
Missing Authorization vulnerability in Elementor Image Optimizer by Elementor image-optimization allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Optimizer by Elementor: from n/a through <= 1.7.1.
CVE-2026-25441	2 Leadconnector, Wordpress	2 Leadconnector, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in varunvairavanlc LeadConnector leadconnector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LeadConnector: from n/a through <= 3.0.21.
CVE-2024-34438	2 Anssi Laitila, Wordpress	2 Shared Files, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through <= 1.7.19.
CVE-2024-43228	2 Secupress, Wordpress	2 Secupress, Wordpress	2026-04-24	5.3 Medium
Missing Authorization vulnerability in SecuPress SecuPress Free secupress.This issue affects SecuPress Free: from n/a through <= 2.2.5.3.
CVE-2025-53217	2 Staviravn, Wordpress	2 Aio Wp Builder, Wordpress	2026-04-24	7.6 High
Missing Authorization vulnerability in staviravn AIO WP Builder all-in-one-wp-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO WP Builder: from n/a through <= 2.0.2.
CVE-2025-67547	2 Uixthemes, Wordpress	2 Konte, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in uixthemes Konte konte allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Konte: from n/a through <= 2.4.6.
CVE-2025-67973	2 Sunshinephotocart, Wordpress	2 Sunshine Photo Cart, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.6.2.
CVE-2025-67974	2 Wordpress, Wplegalpages	2 Wordpress, Wp Legal Pages	2026-04-24	7.5 High
Missing Authorization vulnerability in WP Legal Pages WPLegalPages wplegalpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLegalPages: from n/a through <= 3.5.4.
CVE-2025-67975	2 Adirectory, Wordpress	2 Adirectory, Wordpress	2026-04-24	6.5 Medium
Missing Authorization vulnerability in aDirectory aDirectory adirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects aDirectory: from n/a through <= 3.0.3.
CVE-2025-67977	2 Villatheme, Wordpress	2 Happy, Wordpress	2026-04-24	8.2 High
Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through <= 1.0.8.

« first previous Page 73 of 541. next last »