CVE.report

CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.

CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags


CVSS Calculator

The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.

Free CVE JSON API

cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.

Read the API docs

[rss] [api]
Recent CVEs
CVE Description Updated
CVE-2026-40786 json Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access... Wed, 29 Apr 2026 06:23:08
CVE-2026-40784 json Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Explo... Wed, 29 Apr 2026 06:23:08
CVE-2026-40778 json Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Confi... Wed, 29 Apr 2026 06:23:08
CVE-2026-40764 json Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request... Wed, 29 Apr 2026 06:23:08
CVE-2026-40742 json Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly Configu... Wed, 29 Apr 2026 06:23:08
CVE-2026-40729 json Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configu... Wed, 29 Apr 2026 06:23:08
CVE-2026-40728 json Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Acce... Wed, 29 Apr 2026 06:23:08
CVE-2026-39716 json Missing Authorization vulnerability in CKThemes Flipmart flipmart allows Exploiting Incorrectly Configured Access Control Sec... Wed, 29 Apr 2026 06:23:08
CVE-2026-39713 json Missing Authorization vulnerability in mailercloud Mailercloud – Integrate webforms and synchronize website contacts mailer... Wed, 29 Apr 2026 06:23:08
CVE-2026-39712 json Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in tagDiv tagDiv Composer td-comp... Wed, 29 Apr 2026 06:23:08
CVE-2026-39706 json Missing Authorization vulnerability in Netro Systems Make My Trivia trivialy allows Exploiting Incorrectly Configured Access ... Wed, 29 Apr 2026 06:23:08
CVE-2026-39704 json Missing Authorization vulnerability in nfusionsolutions Precious Metals Automated Product Pricing – Pro precious-metals-aut... Wed, 29 Apr 2026 06:23:08
CVE-2026-39701 json Missing Authorization vulnerability in Andrew ShopWP wpshopify allows Exploiting Incorrectly Configured Access Control Securi... Wed, 29 Apr 2026 06:23:08
CVE-2026-39700 json Missing Authorization vulnerability in WPXPO WowOptin optin allows Exploiting Incorrectly Configured Access Control Security ... Wed, 29 Apr 2026 06:23:08
CVE-2026-39698 json Missing Authorization vulnerability in PublisherDesk The Publisher Desk ads.txt the-publisher-desk-ads-txt allows Exploiting ... Wed, 29 Apr 2026 06:23:08
CVE-2026-39697 json Missing Authorization vulnerability in HBSS Technologies MAIO – The new AI GEO / SEO tool maio-the-new-ai-geo-seo-tool allo... Wed, 29 Apr 2026 06:23:08
CVE-2026-39694 json Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting I... Wed, 29 Apr 2026 06:23:07
CVE-2026-39689 json Missing Authorization vulnerability in eshipper eShipper Commerce eshipper-commerce allows Exploiting Incorrectly Configured ... Wed, 29 Apr 2026 06:23:07
CVE-2026-39688 json Missing Authorization vulnerability in Glowlogix WP Frontend Profile wp-front-end-profile allows Exploiting Incorrectly Confi... Wed, 29 Apr 2026 06:23:07
CVE-2026-39687 json Missing Authorization vulnerability in Rapid Car Check Rapid Car Check Vehicle Data free-vehicle-data-uk allows Exploiting In... Wed, 29 Apr 2026 06:23:07
CVE-2026-39686 json Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in bannersky BSK PDF Manager bsk-pdf... Wed, 29 Apr 2026 06:23:07
CVE-2026-39682 json Missing Authorization vulnerability in Arjan Pronk linkPizza-Manager linkpizza-manager allows Exploiting Incorrectly Configur... Wed, 29 Apr 2026 06:23:07
CVE-2026-39680 json Missing Authorization vulnerability in MWP Development Diet Calorie Calculator diet-calorie-calculator allows Exploiting Inco... Wed, 29 Apr 2026 06:23:07
CVE-2026-39678 json Missing Authorization vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Exploiting Incorrectly Config... Wed, 29 Apr 2026 06:23:07
CVE-2026-39676 json Missing Authorization vulnerability in Shahjada Download Manager download-manager allows Exploiting Incorrectly Configured Ac... Wed, 29 Apr 2026 06:23:07
CVE-2026-39675 json Missing Authorization vulnerability in webmuehle Court Reservation court-reservation allows Exploiting Incorrectly Configured... Wed, 29 Apr 2026 06:23:07
CVE-2026-39672 json Missing Authorization vulnerability in shiptime ShipTime: Discounted Shipping Rates shiptime-discount-shipping allows Exploit... Wed, 29 Apr 2026 06:23:07
CVE-2026-39671 json Cross-Site Request Forgery (CSRF) vulnerability in Dotstore Extra Fees Plugin for WooCommerce woo-conditional-product-fees-fo... Wed, 29 Apr 2026 06:23:07
CVE-2026-39664 json Missing Authorization vulnerability in leadrebel Leadrebel leadrebel allows Exploiting Incorrectly Configured Access Control ... Wed, 29 Apr 2026 06:23:07
CVE-2026-39662 json Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woo... Wed, 29 Apr 2026 06:23:07
CVE-2026-39660 json Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Acce... Wed, 29 Apr 2026 06:23:07
CVE-2026-39658 json Missing Authorization vulnerability in Coding Panda Panda Pods Repeater Field panda-pods-repeater-field allows Exploiting Inc... Wed, 29 Apr 2026 06:23:07
CVE-2026-39657 json Missing Authorization vulnerability in leadlovers leadlovers forms leadlovers-forms allows Exploiting Incorrectly Configured ... Wed, 29 Apr 2026 06:23:07
CVE-2026-39654 json Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani WP Simple ... Wed, 29 Apr 2026 06:23:07
CVE-2026-39653 json Missing Authorization vulnerability in Deepen Bajracharya Video Conferencing with Zoom video-conferencing-with-zoom-api allow... Wed, 29 Apr 2026 06:23:07
CVE-2026-39652 json Missing Authorization vulnerability in igms iGMS Direct Booking igms-direct-booking allows Exploiting Incorrectly Configured ... Wed, 29 Apr 2026 06:23:06
CVE-2026-39651 json Missing Authorization vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Exploiting Incorrectly Configured Acc... Wed, 29 Apr 2026 06:23:06
CVE-2026-39650 json Missing Authorization vulnerability in Unitech Web UnitechPay unitechpay-paiements-mobile-money allows Exploiting Incorrectly... Wed, 29 Apr 2026 06:23:06
CVE-2026-39648 json Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Contro... Wed, 29 Apr 2026 06:23:06
CVE-2026-39644 json Missing Authorization vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Exploiting Incorrectly Configured ... Wed, 29 Apr 2026 06:23:06
CVE-2026-39641 json Cross-Site Request Forgery (CSRF) vulnerability in Skywarrior Blackfyre blackfyre allows Cross Site Request Forgery.This issu... Wed, 29 Apr 2026 06:23:06
CVE-2026-39639 json Missing Authorization vulnerability in redpixelstudios RPS Include Content rps-include-content allows Exploiting Incorrectly ... Wed, 29 Apr 2026 06:23:06
CVE-2026-39635 json Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.... Wed, 29 Apr 2026 06:23:06
CVE-2026-39633 json Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Car Rental grandcarrental allows Cross Site Request Forge... Wed, 29 Apr 2026 06:23:06
CVE-2026-39631 json Missing Authorization vulnerability in Ronik@UnlimitedWP WPSchoolPress wpschoolpress allows Exploiting Incorrectly Configured... Wed, 29 Apr 2026 06:23:06
CVE-2026-39628 json Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes DukaMarket dukamark... Wed, 29 Apr 2026 06:23:06
CVE-2026-39627 json Missing Authorization vulnerability in wproyal Ashe ashe allows Exploiting Incorrectly Configured Access Control Security Lev... Wed, 29 Apr 2026 06:23:06
CVE-2026-39626 json Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Armania armania all... Wed, 29 Apr 2026 06:23:06
CVE-2026-39624 json Missing Authorization vulnerability in kutethemes Biolife biolife allows Exploiting Incorrectly Configured Access Control Sec... Wed, 29 Apr 2026 06:23:06
CVE-2026-39616 json Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments download-attachments allows E... Wed, 29 Apr 2026 06:23:06
CVE-2026-39614 json Missing Authorization vulnerability in ilGhera JW Player for WordPress jw-player-7-for-wp allows Exploiting Incorrectly Confi... Wed, 29 Apr 2026 06:23:06
CVE-2026-39612 json Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control S... Wed, 29 Apr 2026 06:23:06
CVE-2026-39609 json Missing Authorization vulnerability in Wava.co Wava Payment wava-payment allows Exploiting Incorrectly Configured Access Cont... Wed, 29 Apr 2026 06:23:06
CVE-2026-39605 json Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured... Wed, 29 Apr 2026 06:23:05
CVE-2026-39602 json Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Acce... Wed, 29 Apr 2026 06:23:05
CVE-2026-39592 json Missing Authorization vulnerability in Andy Ha DEPART depart-deposit-and-part-payment-for-woo allows Exploiting Incorrectly C... Wed, 29 Apr 2026 06:23:05
CVE-2026-39585 json Missing Authorization vulnerability in Arraytics Booktics booktics allows Exploiting Incorrectly Configured Access Control Se... Wed, 29 Apr 2026 06:23:05
CVE-2026-39572 json Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in magepeopleteam Bus Ticket Booking... Wed, 29 Apr 2026 06:23:05
CVE-2026-39566 json Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress dire... Wed, 29 Apr 2026 06:23:05
CVE-2026-39565 json Missing Authorization vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Exploiting Incorrectly Configure... Wed, 29 Apr 2026 06:23:05
CVE-2026-39563 json Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Acces... Wed, 29 Apr 2026 06:23:05
CVE-2026-39561 json Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control S... Wed, 29 Apr 2026 06:23:05
CVE-2026-39535 json Missing Authorization vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows Exploiting Incorr... Wed, 29 Apr 2026 06:23:05
CVE-2026-39520 json Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security ... Wed, 29 Apr 2026 06:23:05
CVE-2026-39510 json Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-g... Wed, 29 Apr 2026 06:23:05
CVE-2026-39506 json Missing Authorization vulnerability in Jordy Meow AI Engine (Pro) ai-engine-pro allows Exploiting Incorrectly Configured Acce... Wed, 29 Apr 2026 06:23:05
CVE-2026-39504 json Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Acces... Wed, 29 Apr 2026 06:23:05
CVE-2026-39488 json Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Sec... Wed, 29 Apr 2026 06:23:05
CVE-2026-39486 json Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill Download Monit... Wed, 29 Apr 2026 06:23:05
CVE-2026-39477 json Missing Authorization vulnerability in Brainstorm Force CartFlows cartflows allows Exploiting Incorrectly Configured Access C... Wed, 29 Apr 2026 06:23:05
CVE-2026-39475 json Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedba... Wed, 29 Apr 2026 06:23:04
CVE-2026-39469 json Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer a... Wed, 29 Apr 2026 06:23:04
CVE-2026-32567 json Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in icopydoc YML for Yandex Marke... Wed, 29 Apr 2026 06:23:04
CVE-2026-32562 json Missing Authorization vulnerability in WP Folio Team PPWP password-protect-page allows Exploiting Incorrectly Configured Acce... Wed, 29 Apr 2026 06:23:04
CVE-2026-32546 json Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured A... Wed, 29 Apr 2026 06:23:04
CVE-2026-32541 json Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Inco... Wed, 29 Apr 2026 06:23:04
CVE-2026-32535 json Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting In... Wed, 29 Apr 2026 06:23:04
CVE-2026-32533 json Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint allows Exploiting Incorrectly... Wed, 29 Apr 2026 06:23:04
CVE-2026-32527 json Missing Authorization vulnerability in CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Fo... Wed, 29 Apr 2026 06:23:04
CVE-2026-32515 json Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Con... Wed, 29 Apr 2026 06:23:04
CVE-2026-32514 json Missing Authorization vulnerability in Anton Voytenko Petitioner petitioner allows Exploiting Incorrectly Configured Access C... Wed, 29 Apr 2026 06:23:04
CVE-2026-32511 json Deserialization of Untrusted Data vulnerability in Mikado-Themes Stål stal allows Object Injection.This issue affects Stål:... Wed, 29 Apr 2026 06:23:04
CVE-2026-32510 json Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects K... Wed, 29 Apr 2026 06:23:04
CVE-2026-32509 json Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object Injection.This issue affects Grace... Wed, 29 Apr 2026 06:23:04
CVE-2026-5121 json A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer alloc... Wed, 29 Apr 2026 06:23:04
CVE-2026-32508 json Deserialization of Untrusted Data vulnerability in Mikado-Themes Halstein halstein allows Object Injection.This issue affects... Wed, 29 Apr 2026 06:23:03
CVE-2026-32507 json Deserialization of Untrusted Data vulnerability in Elated-Themes Leroux leroux allows Object Injection.This issue affects Ler... Wed, 29 Apr 2026 06:23:03
CVE-2026-32506 json Deserialization of Untrusted Data vulnerability in Edge-Themes Archicon archicon allows Object Injection.This issue affects A... Wed, 29 Apr 2026 06:23:03
CVE-2026-32501 json Missing Authorization vulnerability in wp-configurator WP Configurator Pro wp-configurator-pro allows Exploiting Incorrectly ... Wed, 29 Apr 2026 06:23:03
CVE-2026-32497 json Weak Authentication vulnerability in PickPlugins User Verification user-verification allows Authentication Abuse.This issue a... Wed, 29 Apr 2026 06:23:03
CVE-2026-32496 json Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NYSL Spam Protect for Contact... Wed, 29 Apr 2026 06:23:03
CVE-2026-32493 json Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-job... Wed, 29 Apr 2026 06:23:03
CVE-2026-32492 json Authentication Bypass by Spoofing vulnerability in Joe Dolson My Tickets my-tickets allows Identity Spoofing.This issue affec... Wed, 29 Apr 2026 06:23:03
CVE-2026-32485 json Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Acce... Wed, 29 Apr 2026 06:23:03
CVE-2026-32484 json Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForm... Wed, 29 Apr 2026 06:23:03
CVE-2026-32483 json Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Conf... Wed, 29 Apr 2026 06:23:03
CVE-2026-32441 json Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploitin... Wed, 29 Apr 2026 06:23:03
CVE-2026-31921 json Missing Authorization vulnerability in Devteam HaywoodTech Product Rearrange for WooCommerce products-rearrange-woocommerce a... Wed, 29 Apr 2026 06:23:03
CVE-2026-27071 json Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Secur... Wed, 29 Apr 2026 06:23:03
CVE-2026-25396 json Missing Authorization vulnerability in CoderPress Commerce Coinbase For WooCommerce commerce-coinbase-for-woocommerce allows ... Wed, 29 Apr 2026 06:23:03
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report