Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,712
Quick preset (or use dates below)
Clear Filters
Showing 11,221 - 11,240 of 14,108 CVEs
CVE-2026-24959 HIGH - 8.5

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through <= 3.0.1.

Vendor: JoomSky
Product: JS Help Desk
Published: Feb 20, 2026
Source: NVD
CVE-2026-24955 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Whizz Plugins whizz-plugins allows Reflected XSS.This issue affects Whizz Plugins: from n/a through <= 1.9.

Vendor: fox-themes
Product: Whizz Plugins
Published: Feb 20, 2026
Source: NVD
CVE-2026-24950 HIGH - 7.5

Authorization Bypass Through User-Controlled Key vulnerability in themeplugs Authorsy authorsy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Authorsy: from n/a through <= 1.0.6.

Vendor: themeplugs
Product: Authorsy
Published: Feb 20, 2026
Source: NVD
CVE-2026-24949 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods PhotoMe photome allows DOM-Based XSS.This issue affects PhotoMe: from n/a through <= 5.7.1.

Vendor: ThemeGoods
Product: PhotoMe
Published: Feb 20, 2026
Source: NVD
CVE-2026-24948 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Reflector reflector-plugins allows Reflected XSS.This issue affects Reflector: from n/a through <= 1.2.2.

Vendor: fox-themes
Product: Reflector
Published: Feb 20, 2026
Source: NVD
CVE-2026-24943 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Conference grandconference allows Reflected XSS.This issue affects Grand Conference: from n/a through <= 5.3.4.

Vendor: ThemeGoods
Product: Grand Conference
Published: Feb 20, 2026
Source: NVD
CVE-2026-24941 HIGH - 7.5

Missing Authorization vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through <= 2.4.4.

Vendor: wpjobportal
Product: WP Job Portal
Published: Feb 20, 2026
Source: NVD
CVE-2026-22383 HIGH - 7.5

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a th...

Vendor: Mikado-Themes
Product: PawFriends - Pet Shop and Veterinary WordPress Theme
Published: Feb 20, 2026
Source: NVD
CVE-2026-22381 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows PHP Local File Inclusion.This issue affects PawFriends - Pet Shop and Veterinary Wor...

Vendor: Mikado-Themes
Product: PawFriends - Pet Shop and Veterinary WordPress Theme
Published: Feb 20, 2026
Source: NVD
CVE-2026-22380 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes UnlimHost unlimhost allows PHP Local File Inclusion.This issue affects UnlimHost: from n/a through <= 1.2.3.

Vendor: AncoraThemes
Product: UnlimHost
Published: Feb 20, 2026
Source: NVD
CVE-2026-22379 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Netmix netmix allows PHP Local File Inclusion.This issue affects Netmix: from n/a through <= 1.0.10.

Vendor: AncoraThemes
Product: Netmix
Published: Feb 20, 2026
Source: NVD
CVE-2026-22378 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Blabber blabber allows PHP Local File Inclusion.This issue affects Blabber: from n/a through <= 1.7.0.

Vendor: AncoraThemes
Product: Blabber
Published: Feb 20, 2026
Source: NVD
CVE-2026-22377 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Saveo saveo allows PHP Local File Inclusion.This issue affects Saveo: from n/a through <= 1.1.2.

Vendor: AncoraThemes
Product: Saveo
Published: Feb 20, 2026
Source: NVD
CVE-2026-22376 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Parkivia parkivia allows PHP Local File Inclusion.This issue affects Parkivia: from n/a through <= 1.1.9.

Vendor: AncoraThemes
Product: Parkivia
Published: Feb 20, 2026
Source: NVD
CVE-2026-22375 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Impacto Patronus impacto-patronus allows PHP Local File Inclusion.This issue affects Impacto Patronus: from n/a through <= 1.2.3.

Vendor: AncoraThemes
Product: Impacto Patronus
Published: Feb 20, 2026
Source: NVD
CVE-2026-22374 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Zio Alberto zioalberto allows PHP Local File Inclusion.This issue affects Zio Alberto: from n/a through <= 1.2.2.

Vendor: AncoraThemes
Product: Zio Alberto
Published: Feb 20, 2026
Source: NVD
CVE-2026-22373 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fooddy fooddy allows PHP Local File Inclusion.This issue affects Fooddy: from n/a through <= 1.3.10.

Vendor: AncoraThemes
Product: Fooddy
Published: Feb 20, 2026
Source: NVD
CVE-2026-22372 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Isida isida allows PHP Local File Inclusion.This issue affects Isida: from n/a through <= 1.4.2.

Vendor: AncoraThemes
Product: Isida
Published: Feb 20, 2026
Source: NVD
CVE-2026-22371 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Gustavo gustavo allows PHP Local File Inclusion.This issue affects Gustavo: from n/a through <= 1.2.2.

Vendor: AncoraThemes
Product: Gustavo
Published: Feb 20, 2026
Source: NVD
CVE-2026-22370 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Marveland marveland allows PHP Local File Inclusion.This issue affects Marveland: from n/a through <= 1.3.0.

Vendor: axiomthemes
Product: Marveland
Published: Feb 20, 2026
Source: NVD