44395 matches found
CVE-2025-69131
Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...
CVE-2025-60218
Subscriber Arbitrary File Upload in PT Luxa Addons = 1.2.2 versions...
CVE-2025-49403
Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress = 3.0.2 versions...
CVE-2024-52488
Subscriber Arbitrary File Upload in Grip = 1.0.9 versions...
CVE-2026-52716 WordPress WorkScout-Core plugin <= 1.7.11 - Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...
EUVD-2026-37700
Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...
CVE-2026-54193 WordPress Fusion Builder plugin <= 3.15.4 - Arbitrary File Deletion vulnerability
Contributor Arbitrary File Deletion in Fusion Builder = 3.15.4 versions...
CVE-2026-11858
Quanos SCHEMA ST4 on-premises is affected by a local privilege escalation due to insufficient authorization on the Client Update Service. The service, running as NT AUTHORITY\SYSTEM, exposes a .NET Remoting interface over a named pipe without proper access controls. A local authenticated low-priv...
CVE-2026-52705 WordPress SigmaForms Pro – AI Generated Forms plugin <= 1.4.5 - Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms = 1.4.5 versions...
CVE-2026-52705
CVE-2026-52705 affects the WordPress plugin SigmaForms Pro – AI Generated Forms (versions
CVE-2026-40749
The CVE covers the WordPress Charity Zone theme (versions <= 1.1.1) with a Subscriber Arbitrary File Upload vulnerability. The underlying issue enables arbitrary files to be uploaded due to insecure handling in Charity Zone
CVE-2026-40749 WordPress Charity Zone theme <= 1.1.1 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Charity Zone = 1.1.1 versions...
CVE-2026-40748
CVE-2026-40748 affects the WordPress Kids Gift Shop theme (versions ≤ 0.5.4). The vulnerability is described as an Arbitrary File Upload in the Subscriber context. Public details in connected sources indicate a very high severity CVSS v3.1 score (9.9, CRITICAL) with network access, low attack com...
CVE-2026-40748 WordPress Kids Gift Shop theme <= 0.5.4 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Kids Gift Shop = 0.5.4 versions...
CVE-2026-40747 WordPress Ecommerce Zone theme <= 0.9.7 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Ecommerce Zone = 0.9.7 versions...
CVE-2026-40747
CVE-2026-40747 affects the WordPress Ecommerce Zone theme (versions <= 0.9.7) and is an Arbitrary File Upload vulnerability. The connected documents confirm a subscriber Arbitrary File Upload issue in Ecommerce Zone
CVE-2026-40746 WordPress Restaurant Zone theme <= 0.7.8 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Restaurant Zone = 0.7.8 versions...
CVE-2026-40746
The CVE-2026-40746 entry concerns WordPress Theme Restaurant Zone (versions
CVE-2026-40724 WordPress Client Portal (Pro) plugin <= 5.6.2 - Arbitrary File Download vulnerability
CP Client Arbitrary File Download in Client Portal Pro = 5.6.2 versions...
CVE-2026-40724
CVE-2026-40724 concerns the WordPress Client Portal (Pro) plugin, affected versions <= 5.6.2. The vulnerability is described as an Arbitrary File Download in CP Client Arbitrary File Download for Client Portal (Pro)