17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 10651-10700 of 17282 CVEs Page 214 of 346
CVE-2025-60220
8.2
Unknown Multiple Products

Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation

2025-10-22
CVE-2025-60219
Analyzed
10
HP Multiple Products

Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro allows Upload a Web Shell to a Web Server. This is...

2025-09-26
CVE-2025-60217
7.7
Unknown Multiple Products

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ypromo PT Luxa Addons pt-luxa-addons allows Path Trave...

2025-10-23
CVE-2025-60216
Analyzed
9.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in BoldThemes Addison addison allows Object Injection.This issue affects Addison: from n/a through <=...

2025-10-23
CVE-2025-60215
8.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in designthemes Kriya kriya allows Object Injection

2025-10-23
CVE-2025-60214
Analyzed
9.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in BoldThemes Goldenblatt goldenblatt allows Object Injection.This issue affects Goldenblatt: from n/a...

2025-10-22
CVE-2025-60213
Analyzed
9.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in Whitebox-Studio Scape scape allows Object Injection.This issue affects Scape: from n/a through <= 1...

2025-10-23
CVE-2025-60212
8.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in designthemes VEDA veda allows Object Injection

2025-10-23
CVE-2025-60211
8.8
Unknown Multiple Products

Incorrect Privilege Assignment vulnerability in extendons WooCommerce Registration Fields Plugin - Custom Signup Fields extendons-registration-fields...

2025-10-23
CVE-2025-60210
Analyzed
9.8
HP Multiple Products

Deserialization of Untrusted Data vulnerability in wpeverest Everest Forms - Frontend Listing everest-forms-frontend-listing allows Object Injection.T...

2025-10-23
CVE-2025-60209
Analyzed
8.2
Google Multiple Products

Deserialization of Untrusted Data vulnerability in CRM Perks Connector for Gravity Forms and Google Sheets wp-gravity-forms-spreadsheets allows Object...

2025-10-22
CVE-2025-60208
8.8
Tusko Trush Advanced Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Tusko Trush Advanced Custom Fields : CPT Options Pages acf-cpt-options-pages allows Object Injectio...

2025-10-23
CVE-2025-60206
8.2
Bearsthemes Alone Multiple Products

Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone alone allows Code Injection

2025-10-22
CVE-2025-60204
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Josh Kohlbach WooCommerce Sto...

2025-11-06
CVE-2025-60203
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Josh Kohlbach Store Exporter...

2025-11-06
CVE-2025-60202
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kyle Phillips Favorites favor...

2025-11-06
CVE-2025-60201
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in aguilatechnologies WP Custome...

2025-11-06
CVE-2025-60200
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress LearnPress Export I...

2025-11-06
CVE-2025-60199
Analyzed
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dedalx InHype - Blog & Magazi...

2025-11-06
CVE-2025-60198
Analyzed
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dedalx Saxon - Viral Content...

2025-11-06
CVE-2025-60197
Analyzed
8.2
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in owenr88 Simple Contact Forms...

2025-11-06
CVE-2025-60196
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Clearblue Clearblue® Ovulatio...

2025-11-06
CVE-2025-60195
Analyzed
9.8
Unknown Multiple Products

Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Privilege Escalation.This issue affects Atarim: f...

2025-11-06
CVE-2025-60194
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Product S...

2025-11-06
CVE-2025-60193
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce User Role...

2025-11-06
CVE-2025-60192
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wholesale...

2025-11-06
CVE-2025-60191
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wishlist...

2025-11-06
CVE-2025-60190
Analyzed
8.1
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Hinnerk Altenburg Immocaster...

2025-11-06
CVE-2025-60180
Analyzed
9.8
Salesforce Multiple Products

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue aff...

2025-12-19
CVE-2025-6018
7.8
Linux Multiple Products

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM)

2025-07-23
CVE-2025-60178
Analyzed
9.8
Unknown Multiple Products

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity...

2025-12-19
CVE-2025-60174
Analyzed
9.8
HP Multiple Products

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This...

2025-12-19
CVE-2025-60173
7.1
Ashwani kumar GST Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Ashwani kumar GST for WooCommerce allows Stored XSS

2025-09-26
CVE-2025-60172
7.1
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in flytedesk Flytedesk Digital allows Stored XSS

2025-09-26
CVE-2025-60171
7.1
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in yourplugins Conditional Cart Messages for WooCommerce &#8211; YourPlugins

2025-09-26
CVE-2025-60170
7.1
Taraprasad Swain Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in Taraprasad Swain HTACCESS IP Blocker allows Stored XSS

2025-09-26
CVE-2025-60169
7.1
Contact Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in W3S Cloud Technology W3SCloud Contact Form 7 to Zoho CRM allows Stored XSS

2025-09-26
CVE-2025-60164
7.1
NewsMAN NewsmanApp Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in NewsMAN NewsmanApp allows Stored XSS

2025-09-26
CVE-2025-60156
Analyzed
9.6
WordPress Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in webandprint AR For WordPress allows Upload a Web Shell to a Web Server. This issue affects AR For W...

2025-09-26
CVE-2025-60153
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpshuffle Subscribe To Unlock...

2025-09-26
CVE-2025-60151
7.5
CRM Perks WP Gravity Multiple Products

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Phishing

2025-10-22
CVE-2025-60150
Analyzed
7.5
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpshuffle Subscribe to Downlo...

2025-09-26
CVE-2025-60126
Analyzed
8.8
HP Multiple Products

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PluginOps Testimonial Slider...

2025-09-26
CVE-2025-60118
Analyzed
8.5
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Potenzaglobalsolutions PGS Core allows SQL Injec...

2025-09-26
CVE-2025-60111
Analyzed
8.8
Unknown Multiple Products

Cross-Site Request Forgery (CSRF) vulnerability in javothemes Javo Core allows Authentication Bypass

2025-09-26
CVE-2025-60110
8.5
LambertGroup AllInOne Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup AllInOne - Banner Rotator allows SQ...

2025-09-26
CVE-2025-60109
8.5
LambertGroup Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LambertGroup - AllInOne - Content S...

2025-09-26
CVE-2025-60108
8.5
LambertGroup Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LambertGroup - AllInOne - Banner wi...

2025-09-26
CVE-2025-60107
8.5
LambertGroup Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LambertGroup - AllInOne - Banner wi...

2025-09-26
CVE-2025-60091
Analyzed
9.8
HP Multiple Products

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin gf-zoho allows Object Injection.This issue affects WP...

2025-12-19