Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,743
Quick preset (or use dates below)
Clear Filters
Showing 10,501 - 10,520 of 14,108 CVEs
CVE-2026-22471 HIGH - 8.6

Deserialization of Untrusted Data vulnerability in maximsecudeal Secudeal Payments for Ecommerce secudeal-payments-for-ecommerce allows Object Injection.This issue affects Secudeal Payments for Ecommerce: from n/a through <= 1.1.

Vendor: maximsecudeal
Product: Secudeal Payments for Ecommerce
Published: Mar 05, 2026
Source: NVD
CVE-2026-22467 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mwtemplates DeepDigital deepdigital allows Reflected XSS.This issue affects DeepDigital: from n/a through <= 1.0.2.

Vendor: mwtemplates
Product: DeepDigital
Published: Mar 05, 2026
Source: NVD
CVE-2026-22465 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SeventhQueen BuddyApp buddyapp allows Reflected XSS.This issue affects BuddyApp: from n/a through <= 1.9.2.

Vendor: SeventhQueen
Product: BuddyApp
Published: Mar 05, 2026
Source: NVD
CVE-2026-22460 HIGH - 8.6

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpWax FormGent formgent allows Path Traversal.This issue affects FormGent: from n/a through <= 1.4.2.

Vendor: wpWax
Product: FormGent
Published: Mar 05, 2026
Source: NVD
CVE-2026-22457 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local File Inclusion.This issue affects Wanderland: from n/a through <= 1.5.

Vendor: Mikado-Themes
Product: Wanderland
Published: Mar 05, 2026
Source: NVD
CVE-2026-22456 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Askka askka allows PHP Local File Inclusion.This issue affects Askka: from n/a through <= 1.0.

Vendor: Elated-Themes
Product: Askka
Published: Mar 05, 2026
Source: NVD
CVE-2026-22455 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree Thebe thebe allows Reflected XSS.This issue affects Thebe: from n/a through <= 1.3.0.

Vendor: foreverpinetree
Product: Thebe
Published: Mar 05, 2026
Source: NVD
CVE-2026-22452 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Hoverex hoverex allows PHP Local File Inclusion.This issue affects Hoverex: from n/a through <= 1.5.10.

Vendor: ThemeREX
Product: Hoverex
Published: Mar 05, 2026
Source: NVD
CVE-2026-22449 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Don Peppe donpeppe allows PHP Local File Inclusion.This issue affects Don Peppe: from n/a through <= 1.3.

Vendor: Select-Themes
Product: Don Peppe
Published: Mar 05, 2026
Source: NVD
CVE-2026-22446 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 1.8.1.

Vendor: Select-Themes
Product: Prowess
Published: Mar 05, 2026
Source: NVD
CVE-2026-22443 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Alliance alliance allows PHP Local File Inclusion.This issue affects Alliance: from n/a through <= 3.1.1.

Vendor: ThemeREX
Product: Alliance
Published: Mar 05, 2026
Source: NVD
CVE-2026-22442 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LaunchandSell Tribe tribe allows PHP Local File Inclusion.This issue affects Tribe: from n/a through <= 1.7.3.

Vendor: LaunchandSell
Product: Tribe
Published: Mar 05, 2026
Source: NVD
CVE-2026-22441 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Zentrum zentrum allows PHP Local File Inclusion.This issue affects Zentrum: from n/a through <= 1.0.

Vendor: Elated-Themes
Product: Zentrum
Published: Mar 05, 2026
Source: NVD
CVE-2026-22440 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree Thecs thecs allows Reflected XSS.This issue affects Thecs: from n/a through <= 1.4.7.

Vendor: foreverpinetree
Product: Thecs
Published: Mar 05, 2026
Source: NVD
CVE-2026-22439 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Green Planet green-planet allows PHP Local File Inclusion.This issue affects Green Planet: from n/a through <= 1.1.14.

Vendor: AncoraThemes
Product: Green Planet
Published: Mar 05, 2026
Source: NVD
CVE-2026-22438 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree TheBi thebi allows Reflected XSS.This issue affects TheBi: from n/a through <= 1.0.5.

Vendor: foreverpinetree
Product: TheBi
Published: Mar 05, 2026
Source: NVD
CVE-2026-22437 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Playa playa allows PHP Local File Inclusion.This issue affects Playa: from n/a through <= 1.3.9.

Vendor: AncoraThemes
Product: Playa
Published: Mar 05, 2026
Source: NVD
CVE-2026-22436 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Helvig helvig allows PHP Local File Inclusion.This issue affects Helvig: from n/a through <= 1.0.

Vendor: Elated-Themes
Product: Helvig
Published: Mar 05, 2026
Source: NVD
CVE-2026-22435 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes ElectroServ electroserv allows PHP Local File Inclusion.This issue affects ElectroServ: from n/a through <= 1.3.2.

Vendor: AncoraThemes
Product: ElectroServ
Published: Mar 05, 2026
Source: NVD
CVE-2026-22434 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Crown Art crown-art allows PHP Local File Inclusion.This issue affects Crown Art: from n/a through <= 1.2.11.

Vendor: AncoraThemes
Product: Crown Art
Published: Mar 05, 2026
Source: NVD