44395 matches found
CVE-2026-40772
CVE-2026-40772 pertains to the WordPress plugin GeekyBot (versions
CVE-2026-40772 WordPress GeekyBot plugin <= 1.2.2 - Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload in GeekyBot = 1.2.2 versions...
CVE-2026-40769 WordPress Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field plugin <= 1.0.6 - Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Deletion in Contact Form Extender for Divi Save Entries, File Upload & Country Code Field = 1.0.6 versions...
CVE-2026-40769
The CVE-2026-40769 entry concerns the WordPress plugin “Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field” (versions
CVE-2026-40727 WordPress Groundhogg plugin <= 4.4 - Arbitrary File Deletion vulnerability
Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...
CVE-2026-40727 WordPress Groundhogg plugin <= 4.4 - Arbitrary File Deletion vulnerability
Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...
CVE-2026-40727
The CVE covers WordPress Groundhogg plugin versions ≤ 4.4, vulnerable to Arbitrary File Deletion in the Sales Representative component. The root cause details are not fully provided, but the CVSSv3.1 score is 7.7 (HIGH) with Network attack vector, low attack complexity, privilege requirement, and...
CVE-2026-39591 WordPress WP-BusinessDirectory plugin <= 4.0.0 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in WP-BusinessDirectory = 4.0.0 versions...
CVE-2026-39591
The CVE-2026-39591 entry concerns the WordPress WP-BusinessDirectory plugin up to version 4.0.0, where a Subscriber Arbitrary File Upload vulnerability is reported. Connected sources confirm the affected product and vulnerability class but do not provide exploit details or mitigation steps beyond...
CVE-2026-39527 WordPress WpStream plugin < 4.11.2 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in WpStream 4.11.2 versions...
CVE-2026-39527 WordPress WpStream plugin < 4.11.2 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in WpStream 4.11.2 versions...
CVE-2026-39527
The CVE-2026-39527 entry concerns the WordPress WpStream plugin. Affected product: WordPress WpStream plugin versions prior to 4.11.2. Vulnerable component/behavior: Arbitrary File Upload under the Subscriber role, enabling an attacker with low privileges to upload arbitrary files. Root cause: de...
CVE-2026-39489
The CVE-2026-39489 entry details a vulnerability in WordPress Download Monitor plugin versions
CVE-2026-39489 WordPress Download Monitor plugin <= 5.1.9 - Non-Arbitrary File Download vulnerability
Author Arbitrary File Download in Download Monitor = 5.1.9 versions...
CVE-2026-39489 WordPress Download Monitor plugin <= 5.1.9 - Non-Arbitrary File Download vulnerability
Author Arbitrary File Download in Download Monitor = 5.1.9 versions...
CVE-2026-39468
WordPress Meta Box – WordPress Custom Fields Framework plugin
CVE-2026-39468 WordPress Meta Box – WordPress Custom Fields Framework plugin <= 5.11.1 - Arbitrary File Deletion vulnerability
Contributor Arbitrary File Deletion in Meta Box – WordPress Custom Fields Framework = 5.11.1 versions...
CVE-2026-30121
remotion-dev remotion v4.0.409 was discovered to contain an arbitrary file write vulnerability...
GHSA-4X5R-PXFX-6JF8 @babel/core: Arbitrary File Read via sourceMappingURL Comment
Impact Using @babel/core to compile maliciously crafted code can allow ab attacker to read any source map from the system that is running Babel, if these conditions are all true: - the attacker controls the input source code - the attacker can read the output source code - the attacker knows the...
@babel/core: Arbitrary File Read via sourceMappingURL Comment
Impact Using @babel/core to compile maliciously crafted code can allow ab attacker to read any source map from the system that is running Babel, if these conditions are all true: - the attacker controls the input source code - the attacker can read the output source code - the attacker knows the...