CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2121 matches found

Opti Marketing <= 2.0.9 - SQL Injection

The Opti Marketing plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to appe...

9.8CVSS5.8AI score0.03292EPSS

Exploits1References3

Nuclei•added 20 hours ago•32 views

Automation By Autonami < 3.3.0 - SQL Injection

The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit WordPress plugin before 3.3.0 does not sanitize and escape the bwfan-track-id parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks. id:...

8.6CVSS5.8AI score0.02241EPSS

Exploits1References2

EUVD•added 2 days ago•4 views

EUVD-2026-39781

Unauthenticated Broken Access Control in SiteGround Email Marketing = 1.7.5 versions...

5.3CVSS5.8AI score0.00214EPSS

Exploits0References2

NVD•added 2 days ago•6 views

CVE-2026-57632

Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend = 1.19.0 versions...

5.4CVSS0.00275EPSS

Exploits0References1

NVD•added 2 days ago•4 views

CVE-2026-24547

Unauthenticated Broken Access Control in SiteGround Email Marketing = 1.7.5 versions...

5.3CVSS0.00214EPSS

Exploits0References1

EUVD•added 2 days ago•4 views

EUVD-2026-39748

Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend = 1.19.0 versions...

5.4CVSS5.8AI score0.00275EPSS

Exploits0References1

CVE•added 2 days ago•8 views

CVE-2026-24547

The vulnerability CVE-2026-24547 affects the WordPress SiteGround Email Marketing plugin (versions up to and including 1.7.5). It is described as Unauthenticated Broken Access Control, indicating that an attacker could access restricted functionality or data without authentication. The CVSS v3.1 ...

5.3CVSS5.8AI score0.00214EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2026-24547 WordPress SiteGround Email Marketing plugin <= 1.7.5 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in SiteGround Email Marketing = 1.7.5 versions...

5.3CVSS0.00214EPSS

Exploits0References1

Patchstack•added 3 days ago•6 views

WordPress SiteGround Email Marketing plugin <= 1.7.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin SiteGround Email Marketing versions = 1.7.5...

5.3CVSS5.8AI score0.00214EPSS

Exploits0Affected Software1

Tenable Nessus•added 3 days ago•5 views

Oracle Siebel Server <= 26.5 (June 2026 CSPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the June 2026 CSPU advisory. - Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM component: Marketing. Supported versions that are affected are 17.0-26....

9.8CVSS5.9AI score0.00483EPSS

Exploits0References14

NVD•added 2026/06/17 10:54 a.m.•6 views

CVE-2026-46887

Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM component: Marketing. Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Apps - Marketing. Successful attac...

9.8CVSS0.00474EPSS

Exploits0References1

NVD•added 2026/06/17 10:54 a.m.•6 views

CVE-2026-46884

9.8CVSS0.00474EPSS

Exploits0References1

NVD•added 2026/06/17 10:54 a.m.•5 views

CVE-2026-46886

Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM component: Marketing. Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Apps - Marketing. Successful attack...

8.8CVSS0.00403EPSS

Exploits0References1

NVD•added 2026/06/17 10:54 a.m.•7 views

CVE-2026-46890

9.8CVSS0.00483EPSS

Exploits0References1

NVD•added 2026/06/17 10:54 a.m.•7 views

CVE-2026-46889

9.8CVSS0.00474EPSS

Exploits0References1

Positive Technologies•added 2026/06/16 12:0 a.m.•13 views

PT-2026-49991

Name of the Vulnerable Software and Affected Versions Oracle Siebel CRM Siebel Apps - Marketing versions 17.0 through 26.5 Description An issue in the Marketing component of the Siebel Apps - Marketing product allows an unauthenticated attacker with network access via HTTP to compromise the syste...

9.8CVSS5.8AI score0.00474EPSS

Exploits0References3

Positive Technologies•added 2026/06/16 12:0 a.m.•8 views

PT-2026-49996

Name of the Vulnerable Software and Affected Versions Oracle Siebel CRM Siebel Apps - Marketing versions 17.0 through 26.5 Description An issue in the Marketing component of Oracle Siebel CRM allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful...

9.8CVSS5.8AI score0.00474EPSS

Exploits0References3

Positive Technologies•added 2026/06/16 12:0 a.m.•12 views

PT-2026-49994

9.8CVSS5.8AI score0.00474EPSS

Exploits0References3

Positive Technologies•added 2026/06/16 12:0 a.m.•9 views

PT-2026-49997

9.8CVSS5.8AI score0.00483EPSS

Exploits0References3

Positive Technologies•added 2026/06/16 12:0 a.m.•13 views

PT-2026-49993

Name of the Vulnerable Software and Affected Versions Oracle Siebel CRM Siebel Apps - Marketing versions 17.0 through 26.5 Description An issue in the Marketing component of the Siebel Apps - Marketing product allows a low privileged attacker with network access via HTTP to compromise the system...

8.8CVSS5.8AI score0.00403EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by