CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

RedhatCVE•added 2026/03/06 7:55 a.m.•5 views

CVE-2026-27385

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes DesignThemes Portfolio designthemes-portfolio allows Reflected XSS.This issue affects DesignThemes Portfolio: from n/a through = 1.3...

7.1CVSS5.8AI score0.0018EPSS

Exploits0References1

RedhatCVE•added 2026/03/06 7:54 a.m.•5 views

CVE-2026-27386

Missing Authorization vulnerability in designthemes DesignThemes Directory Addon designthemes-directory-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Directory Addon: from n/a through = 1.8...

7.5CVSS5.8AI score0.00246EPSS

Exploits0References1

EUVD•added 2026/03/05 6:30 a.m.•5 views

EUVD-2026-9638

5.9AI score0.0018EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•3 views

EUVD-2026-9639

5.9AI score0.00246EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•5 views

EUVD-2026-9584

Deserialization of Untrusted Data vulnerability in designthemes Dental Clinic dental allows Object Injection.This issue affects Dental Clinic: from n/a through = 3.7...

5.9AI score0.00368EPSS

Exploits0References2

NVD•added 2026/03/05 6:16 a.m.•2 views

CVE-2026-27388

Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through = 2.0...

7.5CVSS0.0038EPSS

Exploits0References1

NVD•added 2026/03/05 6:16 a.m.•2 views

CVE-2026-27390

Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through = 1.0.1...

8.8CVSS0.00473EPSS

Exploits0References1

ATTACKERKB•added 2026/03/05 5:54 a.m.•3 views

CVE-2026-27983

Incorrect Privilege Assignment vulnerability in designthemes LMS Elementor Pro lms-elementor-pro allows Privilege Escalation.This issue affects LMS Elementor Pro: from n/a through = 1.0.4...

5.9AI score0.00321EPSS

Exploits0References2

ATTACKERKB•added 2026/03/05 5:53 a.m.•3 views

CVE-2026-27386

5.9AI score0.00246EPSS

Exploits0References2

Positive Technologies•added 2026/03/05 12:0 a.m.•6 views

PT-2026-23260

5.9AI score0.00246EPSS

Exploits0References2

Positive Technologies•added 2026/03/05 12:0 a.m.•4 views

PT-2026-23263

5.9AI score0.00473EPSS

Exploits0References2

RedhatCVE•added 2026/01/23 9:16 p.m.•7 views

CVE-2025-68899

Deserialization of Untrusted Data vulnerability in designthemes Vivagh vivagh allows Object Injection.This issue affects Vivagh: from n/a through = 2.4...

8.8CVSS5.4AI score0.0037EPSS

Exploits0References1

NVD•added 2026/01/22 5:16 p.m.•5 views

CVE-2025-69002

Deserialization of Untrusted Data vulnerability in designthemes OneLife onelife allows Object Injection.This issue affects OneLife: from n/a through = 3.9...

8.8CVSS0.00344EPSS

Exploits0References1

NVD•added 2026/01/22 5:16 p.m.•3 views

CVE-2025-67619

Deserialization of Untrusted Data vulnerability in designthemes Kids Heaven kids-world allows Object Injection.This issue affects Kids Heaven: from n/a through = 3.2...

8.8CVSS0.00503EPSS

Exploits0References1

Positive Technologies•added 2026/01/22 12:0 a.m.•5 views

PT-2026-4119

Name of the Vulnerable Software and Affected Versions designthemes OneLife versions n/a through 3.9 Description A flaw exists in designthemes OneLife that allows for Object Injection due to deserialization of untrusted data. This issue impacts the application’s ability to securely handle incoming...

5.5AI score0.00344EPSS

Exploits0References3

RedhatCVE•added 2025/12/31 11:5 a.m.•4 views

CVE-2025-68977

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes DesignThemes Portfolio Addon designthemes-portfolio-addon allows DOM-Based XSS.This issue affects DesignThemes Portfolio Addon: from n/a through = 1.5...

6.5CVSS6.4AI score0.00156EPSS

Exploits0References1

RedhatCVE•added 2025/12/31 11:5 a.m.•3 views

CVE-2025-68982

Missing Authorization vulnerability in designthemes DesignThemes LMS Addon designthemes-lms-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes LMS Addon: from n/a through = 2.6...

5.3CVSS7AI score0.00219EPSS

Exploits0References1

Cvelist•added 2025/12/30 10:47 a.m.•23 views

CVE-2025-68977 WordPress DesignThemes Portfolio Addon plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00156EPSS

Exploits0References1

Positive Technologies•added 2025/12/30 12:0 a.m.•4 views

PT-2025-53867

Name of the Vulnerable Software and Affected Versions DesignThemes Portfolio Addon versions through 1.5 Description A flaw exists in DesignThemes Portfolio Addon that allows for DOM-Based Cross-site Scripting XSS. This issue arises from improper neutralization of input during web page generation...

6.1CVSS6.2AI score0.00156EPSS

Exploits0References3

Vulnrichment•added 2025/12/18 7:22 a.m.•2 views

CVE-2025-64221 WordPress Reservation Plugin plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes Reservation Plugin dt-reservation-plugin allows Reflected XSS.This issue affects Reservation Plugin: from n/a through = 1.6...

7.1CVSS6AI score0.0018EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by