Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

219127 matches found

Cvelist
Cvelistadded 2026/06/02 2:3 p.m.38 views

CVE-2026-49782 WordPress Elementor Website Builder plugin <= 4.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elementor Website Builder: from n/a through 4.1.0...

5.4CVSS0.0015EPSS
Exploits0References1
CVE
CVEadded 2026/06/02 2:3 p.m.71 views

CVE-2026-49782

CVE-2026-49782 concerns the WordPress Elementor Website Builder plugin (

5.4CVSS5.8AI score0.0015EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/06/02 2:2 p.m.5 views

WordPress Elementor Website Builder plugin <= 4.1.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bonds in WordPress Plugin Elementor Website Builder versions = 4.1.0...

5.4CVSS5.8AI score0.0015EPSS
Exploits0Affected Software1
Cvelist
Cvelistadded 2026/06/02 2:1 p.m.35 views

CVE-2026-27351 WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/02 2:1 p.m.8 views

CVE-2026-27351

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References2
EUVD
EUVDadded 2026/06/02 2:1 p.m.8 views

EUVD-2026-33931

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References1
CVE
CVEadded 2026/06/02 2:1 p.m.14 views

CVE-2026-27351

CVE-2026-27351 affects the WordPress Crew HRM plugin up to version 1.2.2. Root cause: Missing Authorization through incorrectly configured access control. Impact includes Low integrity, Low availability, and No confidentiality impact per CVSS 3.1 (base score 5.4). Attack vector is Network with Lo...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/02 2:1 p.m.11 views

CVE-2026-27351 WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/06/02 2:1 p.m.7 views

WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin Crew HRM versions = 1.2.2...

5.4CVSS5.8AI score0.0017EPSS
Exploits0Affected Software1
Cvelist
Cvelistadded 2026/06/02 1:51 p.m.34 views

CVE-2025-68886 WordPress Cookiteer theme <= 1.4.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in androThemes Cookiteer allows PHP Local File Inclusion. This issue affects Cookiteer: from n/a through 1.4.8...

8.1CVSS0.00337EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/02 1:51 p.m.6 views

EUVD-2025-210042

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in androThemes Cookiteer allows PHP Local File Inclusion. This issue affects Cookiteer: from n/a through 1.4.8...

8.1CVSS5.8AI score0.00337EPSS
Exploits0References1
CVE
CVEadded 2026/06/02 1:50 p.m.8 views

CVE-2025-69369

CVE-2025-69369 is a Local File Inclusion vulnerability in the WordPress theme Racquet (Racquet

8.1CVSS5.8AI score0.00327EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/02 1:50 p.m.34 views

CVE-2025-69369 WordPress Racquet theme <= 1.12.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0...

8.1CVSS0.00327EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/02 1:50 p.m.7 views

CVE-2025-69369 WordPress Racquet theme <= 1.12.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0...

8.1CVSS5.8AI score0.00327EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/02 1:50 p.m.9 views

CVE-2025-69369

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0...

8.1CVSS5.8AI score0.00327EPSS
Exploits0References2
CVE
CVEadded 2026/06/02 1:48 p.m.10 views

CVE-2025-58897

The CVE-2025-58897 entry concerns the WordPress Fermentio theme (

8.1CVSS5.8AI score0.00337EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/02 1:48 p.m.7 views

CVE-2025-58897

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Fermentio allows PHP Local File Inclusion. This issue affects Fermentio: from n/a through 1.5.0...

8.1CVSS5.8AI score0.00337EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/02 1:48 p.m.8 views

CVE-2025-58707

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...

8.1CVSS5.8AI score0.00337EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/02 1:48 p.m.6 views

CVE-2025-58707 WordPress Spin theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...

8.1CVSS5.8AI score0.00337EPSS
Exploits0References1
CVE
CVEadded 2026/06/02 1:48 p.m.12 views

CVE-2025-58707

The CVE-2025-58707 issue is a Local File Inclusion vulnerability in the WordPress Spin theme (Spin) versions up to 1.8. It arises from improper handling of filenames for include/require statements in a PHP program, enabling PHP LFI. Affected product: Axiomthemes Spin (WordPress Spin theme

8.1CVSS5.8AI score0.00337EPSS
Exploits0References1
Rows per page
Query Builder