Proc\ CVEs and Security Vulnerabilities

Search

Expected end of text, found ':' (at char 35), (line:1, col:36)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (328531 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-63002	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in wpforchurch Sermon Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sermon Manager: from n/a through 2.30.0.
CVE-2025-63001	2 Nicdark, Wordpress	2 Hotel Booking, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in nicdark Hotel Booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Booking: from n/a through 3.8.
CVE-2025-63000	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP for church Sermon Manager allows Stored XSS.This issue affects Sermon Manager: from n/a through 2.30.0.
CVE-2025-62999	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in themezaa Litho Addons litho-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Litho Addons: from n/a through <= 3.4.
CVE-2025-62998	1 Wordpress	1 Wordpress	2026-01-20	5 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through 1.2.7.
CVE-2025-62997	2 Levelfourdevelopment, Wordpress	2 Wp-easycart, Wordpress	2026-01-20	5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Retrieve Embedded Sensitive Data.This issue affects WP EasyCart: from n/a through <= 5.8.11.
CVE-2025-62996	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in Code Amp Custom Layouts – Post + Product grids made easy custom-layouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Layouts – Post + Product grids made easy: from n/a through <= 1.4.12.
CVE-2025-62995	2 Multiparcels, Wordpress	2 Multiparcels Shipping For Woocommerce, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in multiparcels MultiParcels Shipping For WooCommerce multiparcels-shipping-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiParcels Shipping For WooCommerce: from n/a through <= 1.30.12.
CVE-2025-62994	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot ai-co-pilot-for-wp allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through <= 1.2.7.
CVE-2025-62993	2 Rainafarai, Wordpress	2 Notification For Telegram, Wordpress	2026-01-20	4.3 Medium
Missing Authorization vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notification for Telegram: from n/a through <= 3.4.7.
CVE-2025-62992	2 Everestthemes, Wordpress	2 Everest Backup, Wordpress	2026-01-20	6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Everest themes Everest Backup allows Path Traversal.This issue affects Everest Backup: from n/a through 2.3.9.
CVE-2025-62991	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThinkUpThemes Minamaze allows Stored XSS.This issue affects Minamaze: from n/a through 1.10.1.
CVE-2025-62990	2 Livemesh, Wordpress	2 Livemesh Addons For Beaver Builder, Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Beaver Builder addons-for-beaver-builder allows Stored XSS.This issue affects Livemesh Addons for Beaver Builder: from n/a through 3.9.2.
CVE-2025-62989	2 Boxystudio, Wordpress	2 Cooked, Wordpress	2026-01-20	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Boxy Studio Cooked allows Stored XSS.This issue affects Cooked: from n/a through 1.11.2.
CVE-2025-62988	1 Wordpress	1 Wordpress	2026-01-20	4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in Codeless Slider Templates slider-templates allows Server Side Request Forgery.This issue affects Slider Templates: from n/a through <= 1.0.3.
CVE-2025-62987	2 Builderall, Wordpress	2 Builder For Wordpress, Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Stored XSS.This issue affects Builderall Builder for WordPress: from n/a through <= 3.0.1.
CVE-2025-62986	1 Wordpress	1 Wordpress	2026-01-20	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in FanBridge FanBridge signup fanbridge-signup allows Stored XSS.This issue affects FanBridge signup: from n/a through <= 0.6.
CVE-2025-62985	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in llamaman Simple Pull Quote simple-pull-quote allows Stored XSS.This issue affects Simple Pull Quote: from n/a through <= 1.6.3.
CVE-2025-62984	2 Wordpress, Wpeka	2 Wordpress, Wp Adcenter	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPeka WP AdCenter wpadcenter allows Stored XSS.This issue affects WP AdCenter: from n/a through <= 2.6.1.
CVE-2025-62983	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sudar Muthu Posts By Tag posts-by-tag allows Stored XSS.This issue affects Posts By Tag: from n/a through <= 3.2.1.

« first previous Page 43 of 16427. next last »