CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

8.1CVSS5.5AI score0.00512EPSS

EUVD-2026-3943

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Bailly bailly allows PHP Local File Inclusion.This issue affects Bailly: from n/a through = 1.3.4...

EUVD-2026-3938

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Search & Go search-and-go allows PHP Local File Inclusion.This issue affects Search & Go: from n/a through = 2.8...

5.5AI score0.00403EPSS

EUVD-2026-3935

Deserialization of Untrusted Data vulnerability in designthemes OneLife onelife allows Object Injection.This issue affects OneLife: from n/a through = 3.9...

5.4AI score0.00344EPSS

EUVD-2026-3976

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Video jnews-video allows Reflected XSS.This issue affects JNews - Video: from n/a through = 11.0.2...

5.4AI score0.00175EPSS

EUVD-2026-3975

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cjjparadoxmax Synergy Project Manager synergy-project-manager allows Stored XSS.This issue affects Synergy Project Manager: from n/a through = 1.5...

5.4AI score0.00148EPSS

EUVD-2026-3974

Deserialization of Untrusted Data vulnerability in designthemes Vivagh vivagh allows Object Injection.This issue affects Vivagh: from n/a through = 2.4...

5.4AI score0.0037EPSS

EUVD-2026-3973

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold enfold allows DOM-Based XSS.This issue affects Enfold: from n/a through = 7.1.3...

5.4AI score0.00198EPSS

EUVD•added 2026/01/22 4:52 p.m.•5 views

EUVD-2026-3971

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AivahThemes Anona anona allows Path Traversal.This issue affects Anona: from n/a through = 8.0...

5.4AI score0.00447EPSS

EUVD-2026-3970

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Reflected XSS.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...

5.4AI score0.00175EPSS

EUVD-2026-3967

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shoutoutglobal ShoutOut shoutout allows Reflected XSS.This issue affects ShoutOut: from n/a through = 4.0.2...

5.4AI score0.00175EPSS

EUVD-2026-3985

Missing Authorization vulnerability in Scalenut Scalenut scalenut allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Scalenut: from n/a through = 1.1.3...

5.4AI score0.00246EPSS

EUVD-2026-4011

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in noCreativity Dooodl dooodl allows Reflected XSS.This issue affects Dooodl: from n/a through = 2.3.0...

5.4AI score0.00236EPSS

EUVD-2026-4017

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in woofer696 Dinatur dinatur allows Stored XSS.This issue affects Dinatur: from n/a through = 1.18...

5.4AI score0.00222EPSS

EUVD-2026-4010

Incorrect Privilege Assignment vulnerability in LazyCoders LLC LazyTasks lazytasks-project-task-management allows Privilege Escalation.This issue affects LazyTasks: from n/a through = 1.4.01...

5.4AI score0.00423EPSS

EUVD-2026-3996

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Casey Bisson wpCAS wpcas allows Reflected XSS.This issue affects wpCAS: from n/a through = 1.07...

5.4AI score0.0018EPSS

EUVD-2026-3984

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Frank Corso Quote Master quote-master allows Reflected XSS.This issue affects Quote Master: from n/a through = 7.1.1...

5.4AI score0.0023EPSS

EUVD-2026-4016

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods DotLife dotlife allows Reflected XSS.This issue affects DotLife: from n/a through 4.9.5...

5.4AI score0.00222EPSS

EUVD•added 2026/01/22 4:52 p.m.•5 views

EUVD-2026-3997

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Hoteller hoteller allows Reflected XSS.This issue affects Hoteller: from n/a through 6.8.9...

5.4AI score0.00222EPSS

EUVD-2026-3992

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeGoods Photography photography allows PHP Local File Inclusion.This issue affects Photography: from n/a through 7.7.5...

5.5AI score0.00403EPSS

EUVD-2026-4013

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CleverReach® CleverReach® WP cleverreach-wp allows SQL Injection.This issue affects CleverReach® WP: from n/a through = 1.5.22...

5.6AI score0.00389EPSS