Eexamhall Project CVEs and Security Vulnerabilities

Search

Expected end of text, found ':' (at char 6), (line:1, col:7)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341799 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-49979			2026-04-01	N/A
Missing Authorization vulnerability in slui Media Hygiene media-hygiene allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Hygiene: from n/a through <= 4.0.1.
CVE-2025-49978			2026-04-01	N/A
Authorization Bypass Through User-Controlled Key vulnerability in eyecix JobSearch wp-jobsearch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobSearch: from n/a through < 3.0.6.
CVE-2025-49977			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in WP Inventory WP Inventory Manager wp-inventory-manager allows Cross Site Request Forgery.This issue affects WP Inventory Manager: from n/a through <= 2.3.4.
CVE-2025-49976			2026-04-01	N/A
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through <= 2.7.12.
CVE-2025-49975			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP jobwp allows Cross Site Request Forgery.This issue affects JobWP: from n/a through <= 2.4.0.
CVE-2025-49974			2026-04-01	N/A
Missing Authorization vulnerability in upstreamplugin UpStream: a Project Management Plugin for WordPress upstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpStream: a Project Management Plugin for WordPress: from n/a through <= 2.1.1.
CVE-2025-49973			2026-04-01	N/A
Missing Authorization vulnerability in GrandPlugins Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes image-sizes-controller allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes: from n/a through <= 1.0.10.
CVE-2025-49972			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through <= 1.4.2.
CVE-2025-49971			2026-04-01	N/A
Missing Authorization vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eDS Responsive Menu: from n/a through <= 1.2.
CVE-2025-49970			2026-04-01	N/A
Missing Authorization vulnerability in sparklewpthemes Hello FSE Blog hello-fse-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hello FSE Blog: from n/a through <= 1.0.6.
CVE-2025-49969			2026-04-01	N/A
Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression zara-4 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zara 4 Image Compression: from n/a through <= 1.2.17.2.
CVE-2025-49968			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in Oganro XML Travel Portal Widget oganro-reservation-widget allows Cross Site Request Forgery.This issue affects XML Travel Portal Widget: from n/a through <= 2.0.
CVE-2025-49967			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in marcusjansen Live Sports Streamthunder live-sports-streamthunder allows Cross Site Request Forgery.This issue affects Live Sports Streamthunder: from n/a through <= 2.1.
CVE-2025-49966			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in Oganro Oganro Travel Portal Search Widget for HotelBeds APITUDE API oganro-travel-portal-search-widget-for-hotelbeds-apitude-api allows Cross Site Request Forgery.This issue affects Oganro Travel Portal Search Widget for HotelBeds APITUDE API: from n/a through <= 1.0.
CVE-2025-49965			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in Oganro PixelBeds Channel Manager and Hotel Booking Engine pixelbeds-channel-manager-booking-engine allows Cross Site Request Forgery.This issue affects PixelBeds Channel Manager and Hotel Booking Engine: from n/a through <= 1.0.
CVE-2025-49964			2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in indgeek ClipLink cliplink allows Cross Site Request Forgery.This issue affects ClipLink: from n/a through <= 1.1.
CVE-2025-49894	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through <= 1.3.3.
CVE-2025-49893	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Nuss nuss allows Reflected XSS.This issue affects Nuss: from n/a through <= 1.3.3.
CVE-2025-49892	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Uxper Booking uxper-booking allows PHP Local File Inclusion.This issue affects Uxper Booking: from n/a through <= 1.3.3.
CVE-2025-49891	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in uxper Uxper Booking uxper-booking allows Blind SQL Injection.This issue affects Uxper Booking: from n/a through <= 1.3.3.

« first previous Page 79 of 17090. next last »