CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/05/07 12:0 a.m.•6 views

Saltcorn 输入验证错误漏洞

Saltcorn is an open-source, scalable, and code-free database application builder developed by Saltcorn developers. Vulnerabilities existed in versions prior to Saltcorn 1.4.6, 1.5.6, and 1.6.0-beta.5, due to input validation errors. These vulnerabilities stemmed from the dest parameter validation...

5.1CVSS5.8AI score0.00017EPSS

vulnersOsv•added 2026/04/21 12:0 a.m.•2 views

ch.admin.bit.jeap:jeap-oauth-mock-server (>=3.1.0 <=3.44.0), ch.admin.bit.jeap:jeap-oauth-mock-server-instance (>=3.1.0 <=3.44.0) +79 more potentially affected by CVE-2026-22752 via org.springframework.security:spring-security-oauth2-authorization-server (>=1.3.0 <=1.5.6)

org.springframework.security:spring-security-oauth2-authorization-server MAVEN version =1.3.0, =3.1.0, =3.1.0, =1.0.0, =1.0.1, =1.0.0, =3.0.0, =3.5.5.3, =3.5.5.3, =3.3.0.0, =3.5.5.3, =3.5.5.3, =3.5.5.3, =3.3.0.0, =3.3.0.0, =3.5.5.2 and more Source cves: CVE-2026-22752 Source advisory:...

5.8AI score

Exploits0

Positive Technologies•added 2026/04/16 12:0 a.m.•5 views

PT-2026-37184

Name of the Vulnerable Software and Affected Versions Saltcorn versions prior to 1.4.6 Saltcorn versions prior to 1.5.6 Saltcorn versions prior to 1.6.0-beta.5 Description Saltcorn fails to properly validate the dest parameter during the post-login process. The is relative url function only block...

5.1CVSS5.8AI score0.00017EPSS

Exploits0References4

Patchstack•added 2026/04/14 11:36 a.m.•2 views

WordPress Portfolio and Projects plugin <= 1.5.6 - Backdoor vulnerability

Backdoor vulnerability discovered by ? in WordPress Plugin Portfolio and Projects versions = 1.5.6...

5.8AI score

Exploits0References1Affected Software1

RedhatCVE•added 2026/03/26 3:17 p.m.•2 views

CVE-2026-32395

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder - Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder - Lite: from n/a through = 1.5.6...

RedhatCVE•added 2026/03/26 3:1 p.m.•1 views

CVE-2026-27093

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Tripgo tripgo allows PHP Local File Inclusion.This issue affects Tripgo: from n/a through 1.5.6...

8.1CVSS5.9AI score0.00172EPSS

EUVD•added 2026/03/19 9:30 a.m.•3 views

EUVD-2026-13068

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ovatheme Tripgo allows PHP Local File Inclusion.This issue affects Tripgo: from n/a before 1.5.6...

8.1CVSS5.8AI score0.00172EPSS

Cvelist•added 2026/03/19 6:41 a.m.•21 views

CVE-2026-27093 WordPress Tripgo theme < 1.5.6 - Local File Inclusion vulnerability

8.1CVSS0.00172EPSS

CVE•added 2026/03/19 6:41 a.m.•8 views

CVE-2026-27093

CVE-2026-27093 is a confirmed Local File Inclusion vulnerability in the WordPress Tripgo theme. The affected product is the Tripgo WordPress theme, with versions from before 1.5.6 (notably described as < 1.5.6). The root cause is improper control of the filename for include/require statements ...

8.1CVSS5.9AI score0.00172EPSS

EUVD•added 2026/03/13 9:31 p.m.•1 views

EUVD-2026-11909

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder Lite: from n/a through = 1.5.6...

NVD•added 2026/03/13 7:54 p.m.•1 views

CVE-2026-32395

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through = 1.5.6...

5.3CVSS0.00042EPSS

Vulnrichment•added 2026/03/13 11:42 a.m.•1 views

CVE-2026-32395 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.6 - Broken Access Control vulnerability

5.8AI score0.00042EPSS

CVE•added 2026/03/13 11:42 a.m.•2 views

CVE-2026-32395

The CVE affects WordPress Xpro Addons For Beaver Builder – Lite (xpro-addons-beaver-builder-elementor) with versions up to and including 1.5.6. It describes a Missing Authorization vulnerability that enables Exploiting Incorrectly Configured Access Control Security Levels, i.e., a broken access c...

5.3CVSS5.1AI score0.00042EPSS

ATTACKERKB•added 2026/03/13 11:42 a.m.•1 views

CVE-2026-32395

5.3CVSS5.1AI score0.00042EPSS

Cvelist•added 2026/03/13 11:42 a.m.•23 views

CVE-2026-32395 WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.6 - Broken Access Control vulnerability

5.3CVSS0.00042EPSS

CNNVD•added 2026/03/13 12:0 a.m.•2 views

WordPress plugin Xpro Addons For Beaver Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

Positive Technologies•added 2026/03/13 12:0 a.m.•4 views

PT-2026-25241

RedhatCVE•added 2026/02/21 7:29 p.m.•2 views

Exploits0References4

CVE-2025-68531

Deserialization of Untrusted Data vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Object Injection.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through 1.5.6...

8.8CVSS5.5AI score0.00071EPSS