CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

115 matches found

RedhatCVE•added 2026/02/19 7:29 a.m.•1 views

CVE-2026-1857

The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.6.1. This is due to insufficient validation of the endpoint parameter in the getitems function of the GetResponse REST API handler. The endpoint's...

4.3CVSS5.7AI score0.00013EPSS

Exploits0References1

NVD•added 2026/02/18 7:16 a.m.•6 views

CVE-2026-1857

4.3CVSS0.00013EPSS

Exploits0References4

Vulnrichment•added 2026/02/18 6:42 a.m.•5 views

CVE-2026-1857 Gutenberg Blocks with AI by Kadence WP <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery via 'endpoint' Parameter

4.3CVSS5.7AI score0.00013EPSS

Exploits0References4

Cvelist•added 2026/02/18 6:42 a.m.•28 views

CVE-2026-1857 Gutenberg Blocks with AI by Kadence WP <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery via 'endpoint' Parameter

4.3CVSS0.00013EPSS

Exploits0References4

CVE•added 2026/02/18 6:42 a.m.•7 views

CVE-2026-1857

The CVE-2026-1857 issue affects Kadence Blocks — Gutenberg Blocks with AI for WordPress (

4.3CVSS5.7AI score0.00013EPSS

Exploits0References4

ATTACKERKB•added 2026/02/18 6:42 a.m.•4 views

CVE-2026-1857

4.3CVSS5.7AI score0.00013EPSS

Exploits0References5

Positive Technologies•added 2026/02/18 12:0 a.m.•3 views

PT-2026-20288

The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.6.1. This is due to insufficient validation of the endpoint parameter in the get items function of the GetResponse REST API handler. The endpoint's...

4.3CVSS5.7AI score0.00013EPSS

Exploits0References5

CNVD•added 2026/01/30 12:0 a.m.•2 views

WordPress Plugin Contact Form 7 GetResponse Extension Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Contact Form 7 GetRespon...

5.3CVSS5.5AI score0.0005EPSS

Exploits0References1

RedhatCVE•added 2026/01/24 3:18 p.m.•4 views

CVE-2026-24557

Insertion of Sensitive Information Into Sent Data vulnerability in WEN Solutions Contact Form 7 GetResponse Extension contact-form-7-getresponse-extension allows Retrieve Embedded Sensitive Data.This issue affects Contact Form 7 GetResponse Extension: from n/a through = 1.0.8...

5.3CVSS5.4AI score0.0005EPSS

Exploits0References1

NVD•added 2026/01/23 3:16 p.m.•3 views

CVE-2026-24557

5.3CVSS0.0005EPSS

Exploits0References1

Cvelist•added 2026/01/23 2:28 p.m.•24 views

CVE-2026-24557 WordPress Contact Form 7 GetResponse Extension plugin <= 1.0.8 - Sensitive Data Exposure vulnerability

5.3CVSS0.0005EPSS

Exploits0References1

Vulnrichment•added 2026/01/23 2:28 p.m.•2 views

CVE-2026-24557 WordPress Contact Form 7 GetResponse Extension plugin <= 1.0.8 - Sensitive Data Exposure vulnerability

5.3CVSS5.9AI score0.0005EPSS

Exploits0References1

CVE•added 2026/01/23 2:28 p.m.•6 views

CVE-2026-24557

CVE-2026-24557 (WordPress – Contact Form 7 GetResponse Extension) Technical details from provided sources confirm a sensitive data exposure vulnerability in the Contact Form 7 GetResponse Extension for WordPress. Affects extension versions up to and including 1.0.8 (vendor: WEN Solutions). The is...

5.3CVSS5.4AI score0.0005EPSS

Exploits0References1

ATTACKERKB•added 2026/01/23 2:28 p.m.•1 views

CVE-2026-24557

5.3CVSS5.9AI score0.0005EPSS

Exploits0References2

CNNVD•added 2026/01/23 12:0 a.m.•1 views

WordPress plugin Contact Form 7 GetResponse Extension 安全漏洞

5.3CVSS5.7AI score0.0005EPSS

Exploits0References1

Positive Technologies•added 2026/01/23 12:0 a.m.•4 views

PT-2026-4399

Name of the Vulnerable Software and Affected Versions Contact Form 7 GetResponse Extension versions through 1.0.8 Description The Contact Form 7 GetResponse Extension contains a flaw that allows retrieval of embedded sensitive data. This occurs due to improper handling of data within the extensio...

5.3AI score0.0005EPSS

Exploits0References3

Patchstack•added 2026/01/22 5:58 a.m.•4 views

WordPress Contact Form 7 GetResponse Extension plugin <= 1.0.8 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Contact Form 7 GetResponse Extension versions = 1.0.8...

5.3CVSS5.4AI score0.0005EPSS

Exploits0Affected Software1

Patchstack•added 2025/12/31 12:0 a.m.•4 views

WordPress Popup - MailChimp, GetResponse and ActiveCampaign Intergrations plugin <= 3.2.6 - Unauthenticated SQL Injection vulnerability

WordPress Popup - MailChimp, GetResponse and ActiveCampaign Intergrations plugin = 3.2.6 - Unauthenticated SQL Injection vulnerability discovered by Lucio Sá in WordPress Plugin Popup – MailChimp, GetResponse and ActiveCampaign Intergrations versions = 3.2.6...

7.5CVSS5.7AI score0.13273EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/12/19 7:32 a.m.•1 views

CVE-2025-64273

Missing Authorization vulnerability in GetResponse Email marketing for WordPress by GetResponse Official getresponse-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Email marketing for WordPress by GetResponse Official: from n/a through = 1.5.3...

6.5CVSS7AI score0.00036EPSS

Exploits0References1

RedhatCVE•added 2025/12/19 7:32 a.m.•1 views

CVE-2025-64272

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in GetResponse Email marketing for WordPress by GetResponse Official getresponse-official allows Retrieve Embedded Sensitive Data.This issue affects Email marketing for WordPress by GetResponse Official: from...

6.5CVSS6.8AI score0.00041EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by