CVE-2026-22426
CVE-2026-22426 – WordPress theme (Elated-Themes Sweet Jane / Sweetjane) <1.2 is affected by an IDOR-style vulnerability described as Authorization Bypass Through User-Controlled Key. The Red Hat/NVD/CVE entries identify the issue as an authorization bypass via a user-controllable key and note ...
CVE-2026-22404 WordPress Innovio theme <= 1.7 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Innovio innovio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Innovio: from n/a through <= 1.7...
CVE-2026-22396
CVE-2026-22396 affects the WordPress Fiorello theme from Mikado-Themes up to version 1.0 (Fiorello). The vulnerability is described as an Authorization Bypass Through a User-Controlled Key, effectively an Insecure Direct Object References (IDOR) flaw that allows bypassing access control to sensit...
CVE-2026-22382
CVE-2026-22382: CSRF vulnerability in Mikado-Themes PawFriends – Pet Shop and Veterinary WordPress Theme (pawfriends), affected versions from n/a to
CVE-2026-22382 WordPress PawFriends - Pet Shop and Veterinary WordPress Theme theme <= 1.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Cross Site Request Forgery. This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a through <= 1.3...
CVE-2025-69321 WordPress Grand Spa theme <= 3.5.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Spa grandspa allows Reflected XSS. This issue affects Grand Spa: from n/a through <= 3.5.5...
CVE-2025-69100 WordPress North theme <= 5.7.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes North north-wp allows PHP Local File Inclusion. This issue affects North: from n/a through <= 5.7.5...
CVE-2025-69076
CVE-2025-69076 concerns the WordPress/AncoraThemes Modern Housewife theme up to version 1.0.12, with an Unauthenticated Local File Inclusion due to Improper Filename Control in PHP Include/Require. The vulnerability allows local file inclusion via PHP Include/Require statements; current reference...
CVE-2025-69079 WordPress Sound | Musical Instruments Online Store theme <= 1.6.9 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in ThemeREX Sound | Musical Instruments Online Store musicplace allows Object Injection. This issue affects Sound | Musical Instruments Online Store: from n/a through <= 1.6.9...
CVE-2025-69074
CVE-2025-69074 describes an Unauthenticated Local File Inclusion (LFI) in the WordPress theme Pearson Specter by AncoraThemes, affecting Pearson Specter versions up to and including 1.11.3. The vulnerability arises from improper filename control for PHP include/require, enabling an attacker to di...
CVE-2025-69074 WordPress Pearson Specter theme <= 1.11.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Pearson Specter pearsonspecter allows PHP Local File Inclusion. This issue affects Pearson Specter: from n/a through <= 1.11.3...
CVE-2025-69065 WordPress Snow Mountain theme <= 1.4.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Snow Mountain snowmountain allows PHP Local File Inclusion. This issue affects Snow Mountain: from n/a through <= 1.4.3...
CVE-2025-69064 WordPress Pets Land theme <= 1.2.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Pets Land petsland allows PHP Local File Inclusion. This issue affects Pets Land: from n/a through <= 1.2.8...
CVE-2025-69061 WordPress MoveMe theme <= 1.2.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes MoveMe moveme allows PHP Local File Inclusion. This issue affects MoveMe: from n/a through <= 1.2.15...
CVE-2025-69058 WordPress PartyMaker theme <= 1.1.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes PartyMaker partymaker allows PHP Local File Inclusion. This issue affects PartyMaker: from n/a through <= 1.1.15...
CVE-2025-69057 WordPress Eldon theme <= 1.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Eldon eldon allows PHP Local File Inclusion. This issue affects Eldon: from n/a through <= 1.0...
CVE-2025-69051
CVE-2025-69051 is a confirmed Reflected XSS in ListingPro Reviews (CridioStudio ListingPro Reviews plugin). Affected: ListingPro Reviews versions from n/a up to and including 1.7. Root cause per description: improper neutralization of input during web page generation. Connected sources list Refle...