Search Results (86095 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-31013 2 Themify, Wordpress 2 Themify Folo, Wordpress 2026-06-26 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Folo allows Reflected XSS. This issue affects Themify Folo: from n/a through 1.9.6.
CVE-2025-69106 2 Themerex, Wordpress 2 Imba, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Imba <= 1.5.0 versions.
CVE-2025-69120 2 Themerex, Wordpress 2 Dazzle, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Dazzle <= 1.0.0 versions.
CVE-2025-69123 2 Themerex, Wordpress 2 Snow Club, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Snow Club <= 1.1 versions.
CVE-2025-69126 2 Themerex, Wordpress 2 Fortius, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Fortius <= 2.3.0 versions.
CVE-2025-69157 2 Themerex, Wordpress 2 Gamic, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Gamic <= 1.15 versions.
CVE-2025-69158 2 Themerex, Wordpress 2 Granola, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Granola <= 1.13 versions.
CVE-2025-69166 2 Themerex, Wordpress 2 Gunslinger, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Gunslinger <= 1.7 versions.
CVE-2025-69174 2 Themerex, Wordpress 2 Etude, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Etude <= 1.6 versions.
CVE-2026-39523 2 Elated-themes, Wordpress 2 Solene Core, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Solene Core <= 2.3.2 versions.
CVE-2026-39556 2 Elated-themes, Wordpress 2 Konsept, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in Konsept <= 1.9 versions.
CVE-2026-39560 2 Select-themes, Wordpress 2 Hiroshi, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions.
CVE-2026-39576 2 Elated-themes, Wordpress 2 Singlemalt, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions.
CVE-2026-39590 2 Thememove, Wordpress 2 Atomlab, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Atomlab <= 2.4.5 versions.
CVE-2026-40733 2 Mikado-themes, Wordpress 2 Shiftup, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in ShiftUp <= 1.3 versions.
CVE-2026-40756 2 Mikado-themes, Wordpress 2 Zoya, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in Zoya <= 1.4 versions.
CVE-2026-40757 2 Mikado-themes, Wordpress 2 Château, Wordpress 2026-06-26 8.1 High
Unauthenticated PHP Object Injection in Château <= 1.2.1 versions.
CVE-2026-52707 2 Mikado-themes, Wordpress 2 Kastell, Wordpress 2026-06-26 8.1 High
Unauthenticated Local File Inclusion in Kastell <= 2.0 versions.
CVE-2026-54813 2 Brainstorm Force, Wordpress 2 Suredash, Wordpress 2026-06-26 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brainstorm Force SureDash allows Blind SQL Injection. This issue affects SureDash: from n/a through 1.8.0.
CVE-2026-22283 1 Dell 1 Powerflex 2026-06-26 7.5 High
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.