CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2135 matches found

Vulnrichment•added 2026/03/13 11:41 a.m.•2 views

CVE-2026-32347 WordPress Restaurant and Cafe theme <= 1.2.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in raratheme Restaurant and Cafe restaurant-and-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restaurant and Cafe: from n/a through = 1.2.5...

5.8AI score0.00214EPSS

Exploits0References1

CVE•added 2026/03/13 11:41 a.m.•10 views

CVE-2026-32346

The CVE-2026-32346 entry concerns the WordPress Travel Agency theme (raratheme) <= 1.5.5 with a Missing Authorization vulnerability. The issue stems from incorrectly configured access control allowing bypass of authorization to access restricted functionality or data. Affected software: Travel...

5.3CVSS5.8AI score0.00214EPSS

Exploits0References1

Cvelist•added 2026/03/13 11:41 a.m.•24 views

CVE-2026-32340 WordPress Business One Page theme <= 1.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in raratheme Business One Page business-one-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business One Page: from n/a through = 1.3.2...

5.3CVSS0.00224EPSS

Exploits0References1

Vulnrichment•added 2026/03/13 11:41 a.m.•2 views

CVE-2026-32340 WordPress Business One Page theme <= 1.3.2 - Broken Access Control vulnerability

5.3CVSS5.8AI score0.00224EPSS

Exploits0References1

CVE•added 2026/03/13 11:41 a.m.•8 views

CVE-2026-32340

CVE-2026-32340 affects the WordPress theme Business One Page (raratheme) up to version 1.3.2. The issue is a Missing Authorization/Broken Access Control vulnerability caused by incorrectly configured access control security levels in the Business One Page plugin, enabling unauthorized access due ...

5.3CVSS5.8AI score0.00224EPSS

Exploits0References1

Cvelist•added 2026/03/13 11:41 a.m.•20 views

CVE-2026-32337 WordPress Preschool and Kindergarten theme <= 1.2.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in raratheme Preschool and Kindergarten preschool-and-kindergarten allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Preschool and Kindergarten: from n/a through = 1.2.5...

5.3CVSS0.00214EPSS

Exploits0References1

Cvelist•added 2026/03/13 11:41 a.m.•25 views

CVE-2026-32335 WordPress The Conference theme <= 1.2.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in raratheme The Conference the-conference allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Conference: from n/a through = 1.2.5...

5.3CVSS0.00224EPSS

Exploits0References1

CVE•added 2026/03/13 11:41 a.m.•6 views

CVE-2026-32336

The CVE concerns the WordPress theme “Rara Business” by Raratheme, affected up to version 1.3.0, with a Missing Authorization (Broken Access Control) vulnerability. The issue arises from incorrectly configured access control security levels allowing Unauthorized access to privileged actions. The ...

5.3CVSS5.8AI score0.00214EPSS

Exploits0References1

CVE•added 2026/03/13 11:41 a.m.•6 views

CVE-2026-32337

CVE-2026-32337 concerns a Missing Authorization vulnerability in the WordPress theme “Preschool and Kindergarten” by raratheme, affecting versions from n/a through

5.3CVSS5.8AI score0.00214EPSS

Exploits0References1

Patchstack•added 2026/03/10 12:16 p.m.•4 views

WordPress News Magazine X theme <= 1.2.50 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme News Magazine X versions = 1.2.50...

7.5CVSS5.8AI score0.00278EPSS

Exploits0Affected Software1

Patchstack•added 2026/03/10 11:5 a.m.•3 views

WordPress Work & Travel Company theme <= 1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Work & Travel Company versions = 1.2...

9.8CVSS5.8AI score0.00375EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/03/06 7:55 a.m.•2 views

CVE-2026-27336

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Consultor | Consulting, Accounting & Legal Counsel WordPress Theme consultor allows PHP Local File Inclusion.This issue affects Consultor | Consulting, Accounting &...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

RedhatCVE•added 2026/03/06 7:55 a.m.•6 views

CVE-2026-27341

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes TopScorer - Sports WordPress Theme topscorer allows PHP Local File Inclusion.This issue affects TopScorer - Sports WordPress Theme: from n/a through = 1.2...

8.1CVSS5.8AI score0.00415EPSS

Exploits0References1

RedhatCVE•added 2026/03/06 7:55 a.m.•6 views

CVE-2026-27097

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes CasaMia | Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia | Property Rental Real Estate WordPress Them...

8.1CVSS5.8AI score0.00512EPSS

Exploits1References1

RedhatCVE•added 2026/03/06 7:54 a.m.•4 views

CVE-2026-27326

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

RedhatCVE•added 2026/03/06 7:54 a.m.•4 views

CVE-2026-27340

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Apollo | Night Club, DJ Event WordPress Theme apollo allows PHP Local File Inclusion.This issue affects Apollo | Night Club, DJ Event WordPress Theme: from n/a throu...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

RedhatCVE•added 2026/03/06 7:54 a.m.•2 views

CVE-2026-27342

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes TopFit - Fitness and Gym WordPress Theme topfit allows PHP Local File Inclusion.This issue affects TopFit - Fitness and Gym WordPress Theme: from n/a through = 1.9...

8.1CVSS5.8AI score0.00415EPSS

Exploits0References1

RedhatCVE•added 2026/03/06 7:54 a.m.•5 views

CVE-2026-27337

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle allows PHP Local File Inclusion.This issue affects Chronicle - Lifestyle Magazine & Blog WordPress...

8.1CVSS5.8AI score0.00512EPSS

Exploits0References1

Patchstack•added 2026/03/05 11:41 a.m.•7 views

WordPress m2 | Construction and Tools Store theme <= 1.1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme m2 | Construction and Tools Store versions = 1.1.2...

5.8AI score0.0051EPSS

Exploits0Affected Software1

Patchstack•added 2026/03/05 11:17 a.m.•4 views

WordPress Gioia theme <= 1.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Gioia versions = 1.4...

5.8AI score0.00504EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by