457666 matches found
CVE-2026-49076
CVE-2026-49076 describes an unauthenticated SQL Injection in WordPress JetEngine plugin versions <= 3.8.9.1. The vulnerability affects JetEngine’s handling of input in a way that allows arbitrary SQL execution without authentication, with the CVSS 3.1 base score listed as 9.3 (CRITICAL) and ne...
CVE-2026-49076 WordPress JetEngine plugin <= 3.8.9.1 - SQL Injection vulnerability
Unauthenticated SQL Injection in JetEngine = 3.8.9.1 versions...
CVE-2026-49079
The CVE concerns the WordPress JetSearch plugin, affected versions are <= 3.5.17. It describes an unauthenticated SQL injection vulnerability in JetSearch that can be exploited over the network without authentication, potentially compromising confidentiality (high) and affecting data queries. ...
CVE-2026-49075
The CVE covers a PHP Object Injection flaw in the WordPress JetEngine plugin, affecting versions
CVE-2026-49075 WordPress JetEngine plugin <= 3.8.9.1 - PHP Object Injection vulnerability
Contributor PHP Object Injection in JetEngine = 3.8.9.1 versions...
CVE-2026-48967
CVE-2026-48967 concerns a SQL Injection vulnerability in the WordPress Geo Mashup plugin (versions
CVE-2026-48967 WordPress Geo Mashup plugin <= 1.13.19 - SQL Injection vulnerability
Subscriber SQL Injection in Geo Mashup = 1.13.19 versions...
CVE-2026-48875
The CVE concerns the WordPress JetSmartFilters plugin, version scope
CVE-2026-48875 WordPress JetSmartFilters plugin <= 3.8.1 - SQL Injection vulnerability
Unauthenticated SQL Injection in JetSmartFilters = 3.8.1 versions...
CVE-2026-42380
CVE-2026-42380 covers the WordPress AI Lab theme prior to version 5.4.2, which is vulnerable to unauthenticated PHP Object Injection. The Patchstack entry and CVE records indicate the vulnerability is fixed in 5.4.2. Impact is high (remote, unauthenticated) per the CVSS vector: Network, None priv...
CVE-2026-42380 WordPress AI Lab theme < 5.4.2 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in AI Lab 5.4.2 versions...
CVE-2026-40753 WordPress EasyMeals theme <= 1.5.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in EasyMeals = 1.5.1 versions...
CVE-2026-40753
CVE-2026-40753 affects the WordPress EasyMeals theme (versions ≤ 1.5.1). The vulnerability is an unauthenticated PHP Object Injection in EasyMeals, caused by unsafe object handling in the affected component. The published metrics indicate a high impact (CVSS v3.1: 8.1, HIGH) with network attack v...
CVE-2026-40735 WordPress Reina theme <= 2.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Reina = 2.1 versions...
CVE-2026-40735
Summary: CVE-2026-40735 concerns unauthenticated PHP Object Injection in WordPress Reina theme versions <= 2.1. The vulnerability is tied to the Reina plugin/theme codebase and is described as an unauthenticated PHP Object Injection, with CVSSv3.1 impact vector indicating high severity (8.1 ba...
CVE-2026-40725 WordPress WooCommerce Product Filters plugin < 2.0.6 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in WooCommerce Product Filters 2.0.6 versions...
CVE-2026-40725
CVE-2026-40725 affects the WordPress WooCommerce Product Filters plugin (versions
CVE-2026-39596 WordPress Blocksy Companion Pro plugin < 2.1.29 - SQL Injection vulnerability
Unauthenticated SQL Injection in Blocksy Companion Pro 2.1.29 versions...
CVE-2026-39596
The CVE covers WordPress Blocksy Companion Pro plugin, vulnerable in versions
CVE-2026-39573
CVE-2026-39573 : Unauthenticated PHP Object Injection in WordPress Mildhill theme <= 1.5. Affected component: Mildhill theme (WordPress). Root cause: PHP Object Injection vulnerability. Impact: high across confidentiality, integrity, and availability (CVSSv3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/...