Browse CVEs | Page 48

Total CVEs

138,585

Critical Severity

3,576

High Severity

12,840

Last 7 Days

2,053

Clear Filters

📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →

Showing 941 - 960 of 34,990 CVEs

CVE-2026-25446 CRITICAL - 9.9

Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions.

Vendor: WishList Products, LLC.

Product: WishList Member X

Published: Jun 17, 2026

Source: NVD

CVE-2026-25439 HIGH - 8.1

Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions.

Vendor: fs-code

Product: Booknetic

Published: Jun 17, 2026

Source: NVD

CVE-2026-24611 CRITICAL - 9.1

Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions.

Vendor: WPMet

Product: MetForm Pro

Published: Jun 17, 2026

Source: NVD

CVE-2026-24610 MEDIUM - 4.3

Subscriber Broken Access Control in MetForm Pro <= 3.9.1 versions.

Vendor: WPMet

Product: MetForm Pro

Published: Jun 17, 2026

Source: NVD

CVE-2026-24575 MEDIUM - 4.3

Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.

Vendor: WishList Member

Product: WishList Member X

Published: Jun 17, 2026

Source: NVD

CVE-2026-22343 HIGH - 8.6

Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.

Vendor: PremiumPress Limited.

Product: WordPress Dating Theme

Published: Jun 17, 2026

Source: NVD

CVE-2026-22342 HIGH - 8.8

Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.

Vendor: PremiumPress Limited.

Product: WordPress Dating Theme

Published: Jun 17, 2026

Source: NVD

CVE-2026-22340 CRITICAL - 9.3

Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions.

Vendor: Jobster Marketplace

Product: WPJobster

Published: Jun 17, 2026

Source: NVD

CVE-2026-22339 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.

Vendor: Jobster Marketplace

Product: WPJobster

Published: Jun 17, 2026

Source: NVD

CVE-2026-22338 HIGH - 8.1

Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions.

Vendor: ThemeREX

Product: EcoBlue

Published: Jun 17, 2026

Source: NVD

CVE-2026-22335 HIGH - 8.5

Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.

Vendor: WC Lovers.

Product: WooCommerce Frontend Manager – Ultimate

Published: Jun 17, 2026

Source: NVD

CVE-2026-22334 HIGH - 7.5

Subscriber Arbitrary File Download in Woocommerce Book Price <= 1.3 versions.

Vendor: WPos

Product: Woocommerce Book Price

Published: Jun 17, 2026

Source: NVD

CVE-2026-22332 CRITICAL - 9.3

Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.

Vendor: Themeum

Product: Tutor LMS Pro

Published: Jun 17, 2026

Source: NVD

CVE-2026-22331 HIGH - 8.1

Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions.

Vendor: ThemeREX

Product: AutoParts

Published: Jun 17, 2026

Source: NVD

CVE-2026-22330 HIGH - 8.1

Unauthenticated Local File Inclusion in Right Way <= 4.0 versions.

Vendor: Themeum

Product: Right Way

Published: Jun 17, 2026

Source: NVD

CVE-2026-22329 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.

Vendor: Themeum

Product: Skillate

Published: Jun 17, 2026

Source: NVD

CVE-2026-22328 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.

Vendor: VamTam

Product: Auto Repair

Published: Jun 17, 2026

Source: NVD

CVE-2026-22327 CRITICAL - 9.9

Subscriber Arbitrary File Upload in Restaurt <= 1.0.4 versions.

Vendor: Zozothemes

Product: Restaurt

Published: Jun 17, 2026

Source: NVD

CVE-2026-22326 HIGH - 8.1

Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions.

Vendor: AxiomThemes

Product: Reprizo

Published: Jun 17, 2026

Source: NVD

CVE-2026-22325 HIGH - 8.1

Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions.

Vendor: AxiomThemes

Product: Promo

Published: Jun 17, 2026

Source: NVD

« Previous 46 47 48 49 50 Next »