Total CVEs

142,432

Critical Severity

3,972

High Severity

14,286

Last 7 Days

1,840
Quick preset (or use dates below)
Clear Filters
Showing 12,901 - 12,920 of 14,286 CVEs
CVE-2025-69321 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Spa grandspa allows Reflected XSS.This issue affects Grand Spa: from n/a through <= 3.5.5.

Vendor: ThemeGoods
Product: Grand Spa
Published: Jan 22, 2026
Source: NVD
CVE-2025-69320 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Magazine grandmagazine allows Reflected XSS.This issue affects Grand Magazine: from n/a through <= 3.5.7.

Vendor: ThemeGoods
Product: Grand Magazine
Published: Jan 22, 2026
Source: NVD
CVE-2025-69319 HIGH - 7.5

Improper Control of Generation of Code ('Code Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Code Injection.This issue affects Beaver Builder: from n/a through <= 2.9.4.1.

Vendor: Beaver Builder
Product: Beaver Builder
Published: Jan 22, 2026
Source: NVD
CVE-2025-69318 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hossni Mubarak JobWP jobwp allows Stored XSS.This issue affects JobWP: from n/a through <= 2.4.5.

Vendor: Hossni Mubarak
Product: JobWP
Published: Jan 22, 2026
Source: NVD
CVE-2025-69314 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through < 4.8.3.

Vendor: fuelthemes
Product: Werkstatt
Published: Jan 22, 2026
Source: NVD
CVE-2025-69313 HIGH - 7.5

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 5.0.3.

Vendor: WPXPO
Product: PostX
Published: Jan 22, 2026
Source: NVD
CVE-2025-69311 HIGH - 7.6

Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a through <= 1.52.1.

Vendor: Broadstreet
Product: Broadstreet Ads
Published: Jan 22, 2026
Source: NVD
CVE-2025-69293 HIGH - 8.8

Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through <= 1.2.5.

Vendor: e-plugins
Product: Final User
Published: Jan 22, 2026
Source: NVD
CVE-2025-69292 HIGH - 8.8

Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4.

Vendor: e-plugins
Product: WP Membership
Published: Jan 22, 2026
Source: NVD
CVE-2025-69193 HIGH - 7.3

Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Membership: from n/a through <= 1.6.4.

Vendor: e-plugins
Product: WP Membership
Published: Jan 22, 2026
Source: NVD
CVE-2025-69192 HIGH - 7.3

Missing Authorization vulnerability in e-plugins Real Estate Pro real-estate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real Estate Pro: from n/a through <= 2.1.5.

Vendor: e-plugins
Product: Real Estate Pro
Published: Jan 22, 2026
Source: NVD
CVE-2025-69191 HIGH - 7.3

Missing Authorization vulnerability in e-plugins ListingHub listinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingHub: from n/a through <= 1.2.7.

Vendor: e-plugins
Product: ListingHub
Published: Jan 22, 2026
Source: NVD
CVE-2025-69190 HIGH - 7.3

Missing Authorization vulnerability in e-plugins Listihub listihub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listihub: from n/a through <= 1.0.6.

Vendor: e-plugins
Product: Listihub
Published: Jan 22, 2026
Source: NVD
CVE-2025-69188 HIGH - 7.3

Missing Authorization vulnerability in e-plugins fitness-trainer fitness-trainer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fitness-trainer: from n/a through <= 1.7.1.

Vendor: e-plugins
Product: fitness-trainer
Published: Jan 22, 2026
Source: NVD
CVE-2025-69187 HIGH - 7.3

Missing Authorization vulnerability in e-plugins Final User final-user allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Final User: from n/a through <= 1.2.5.

Vendor: e-plugins
Product: Final User
Published: Jan 22, 2026
Source: NVD
CVE-2025-69186 HIGH - 7.3

Missing Authorization vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hospital Doctor Directory: from n/a through <= 1.3.9.

Vendor: e-plugins
Product: Hospital Doctor Directory
Published: Jan 22, 2026
Source: NVD
CVE-2025-69185 HIGH - 7.3

Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Listing: from n/a through <= 1.4.2.

Vendor: e-plugins
Product: Hotel Listing
Published: Jan 22, 2026
Source: NVD
CVE-2025-69184 HIGH - 7.3

Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Institutions Directory: from n/a through <= 1.3.4.

Vendor: e-plugins
Product: Institutions Directory
Published: Jan 22, 2026
Source: NVD
CVE-2025-69183 HIGH - 8.8

Incorrect Privilege Assignment vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Privilege Escalation.This issue affects Hospital Doctor Directory: from n/a through <= 1.3.9.

Vendor: e-plugins
Product: Hospital Doctor Directory
Published: Jan 22, 2026
Source: NVD
CVE-2025-69182 HIGH - 8.8

Incorrect Privilege Assignment vulnerability in e-plugins Institutions Directory institutions-directory allows Privilege Escalation.This issue affects Institutions Directory: from n/a through <= 1.3.4.

Vendor: e-plugins
Product: Institutions Directory
Published: Jan 22, 2026
Source: NVD