Search
Search Results (360556 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69173 | 2 Themerex, Wordpress | 2 Tipsy, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions. | ||||
| CVE-2026-22325 | 2 Axiomthemes, Wordpress | 2 Promo, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions. | ||||
| CVE-2026-22326 | 2 Axiomthemes, Wordpress | 2 Reprizo, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions. | ||||
| CVE-2026-22330 | 2 Themeum, Wordpress | 2 Right Way, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Right Way <= 4.0 versions. | ||||
| CVE-2026-22331 | 2 Themerex, Wordpress | 2 Autoparts, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions. | ||||
| CVE-2026-22338 | 2 Themerex, Wordpress | 2 Ecoblue, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions. | ||||
| CVE-2026-25446 | 2 Wishlist Products, Wordpress | 2 Wishlist Member X, Wordpress | 2026-06-26 | 9.9 Critical |
| Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions. | ||||
| CVE-2026-39558 | 2 Elated-themes, Wordpress | 2 Malmö, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Malmö <= 2.2 versions. | ||||
| CVE-2026-40731 | 1 Mikado-themes | 2 Chapterone, Halstein | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in ChapterOne <= 1.7 versions. | ||||
| CVE-2026-40735 | 2 Edge-themes, Wordpress | 2 Reina, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Reina <= 2.1 versions. | ||||
| CVE-2026-45436 | 2 Rain-task, Wordpress | 2 Wpbakery Page Builder, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions. | ||||
| CVE-2025-31013 | 2 Themify, Wordpress | 2 Themify Folo, Wordpress | 2026-06-26 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Folo allows Reflected XSS. This issue affects Themify Folo: from n/a through 1.9.6. | ||||
| CVE-2025-59872 | 1 Hcltech | 1 Zie For Web | 2026-06-26 | 4.3 Medium |
| HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability, If the server is configured to execute code, then it may be possible to obtain command execution on the server by uploading a file known as a web shell, which allows you to execute arbitrary code or operating system commands. For this attack to be successful, the file needs to be uploaded inside the Webroot, and the server must be configured to execute the code | ||||
| CVE-2025-69106 | 2 Themerex, Wordpress | 2 Imba, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Imba <= 1.5.0 versions. | ||||
| CVE-2025-69111 | 2 Themerex, Wordpress | 2 Reisen, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Reisen <= 1.4.1 versions. | ||||
| CVE-2025-69120 | 2 Themerex, Wordpress | 2 Dazzle, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Dazzle <= 1.0.0 versions. | ||||
| CVE-2025-69123 | 2 Themerex, Wordpress | 2 Snow Club, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Snow Club <= 1.1 versions. | ||||
| CVE-2025-69126 | 2 Themerex, Wordpress | 2 Fortius, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Fortius <= 2.3.0 versions. | ||||
| CVE-2025-69127 | 2 Themerex, Wordpress | 2 Plumbing, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions. | ||||
| CVE-2025-69157 | 2 Themerex, Wordpress | 2 Gamic, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Gamic <= 1.15 versions. | ||||