Lucene search
K

1746 matches found

CVE
CVE
added 2026/06/24 1:20 p.m.13 views

CVE-2026-57298

CVE-2026-57298: A CSRF in the Jenkins Contrast Continuous Application Security Plugin (version 3.11 and earlier) allows an attacker to cause Jenkins to access an attacker-specified URL using attacker-specified username, API key, and service key. Affected: Jenkins Contrast Continuous Application S...

5.4CVSS5.8AI score0.00101EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/23 10:2 a.m.8 views

WordPress Uncanny Automator plugin <= 7.3.1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by VanTastic in WordPress Plugin Uncanny Automator versions = 7.3.1.2...

8.1CVSS5.9AI score0.00317EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/22 8:54 a.m.9 views

WordPress Branda - White Label & Branding, Free Login Page Customizer plugin <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover vulnerability

WordPress Branda - White Label & Branding, Free Login Page Customizer plugin = 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin Branda versions = 3.4.29...

9.8CVSS5.8AI score0.00625EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2026/06/17 4:48 p.m.20 views

WordPress Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin <= 3.0.6 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Meher Sudhakar Abbireddi in WordPress Plugin Orbit Fox by ThemeIsle versions = 3.0.6...

4.4CVSS5.2AI score0.00203EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/17 9:51 a.m.27 views

CVE-2026-54196

Technical details are not publicly provided in the supplied documents. Monitor for updates on affected versions, impact, and fixes.

6.8CVSS5.2AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.20 views

CVE-2026-52692

Affected software: WordPress Affiliates Manager plugin (WordPress)

7.5CVSS5.2AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.30 views

CVE-2026-49763 WordPress Integration for Contact Form 7 HubSpot plugin <= 1.3.7 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Integration for Contact Form 7 HubSpot = 1.3.7 versions...

9.8CVSS0.00383EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.22 views

CVE-2026-49070

CVE-2026-49070 affects the WordPress Knit Pay plugin (versions

7.5CVSS5.1AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.32 views

CVE-2026-49068 WordPress Coupon Affiliates plugin <= 7.8.1 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Coupon Affiliates = 7.8.1 versions...

7.5CVSS0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.30 views

CVE-2026-48889 WordPress Amelia plugin <= 2.3 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in Amelia = 2.3 versions...

8.8CVSS0.00378EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.31 views

CVE-2026-48880 WordPress WP Job Portal plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in WP Job Portal = 2.5.2 versions...

6.5CVSS0.00205EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.44 views

CVE-2026-48871

The MW WP Form WordPress plugin, versions ≤ 5.1.3, has an unauthenticated Cross Site Scripting (XSS) vulnerability. The provided documents do not specify the exact vulnerable component, root cause, exploit details, or a remediation version. Exploitation status is not described. Monitor Patchstack...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.30 views

CVE-2026-42752 WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.27 views

CVE-2026-42687 WordPress EventPrime plugin <= 4.3.2.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in EventPrime = 4.3.2.1 versions...

8.1CVSS0.00317EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.29 views

CVE-2026-42666 WordPress Salon booking system plugin <= 10.30.25 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Salon booking system = 10.30.25 versions...

7.5CVSS0.00278EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.10 views

CVE-2026-42657

CVE-2026-42657 affects the WordPress plugin Contest Gallery (versions ≤ 28.1.7). The entry describes an Unauthenticated Other Vulnerability Type vulnerability in these versions. The available data assign a CVSS v3.1 base score of 5.3 (Medium) with attack vector Network , no required privileges, a...

5.3CVSS5.2AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.27 views

CVE-2026-42381 WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in Funnel Builder by FunnelKit = 3.15.0.1 versions...

9.3CVSS0.00283EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.15 views

CVE-2026-40799

CVE-2026-40799 affects the WordPress plugin Simple Cloudflare Turnstile (versions

5.3CVSS5.2AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.23 views

CVE-2026-40798

WPForo Forum plugin for WordPress &lt;= 3.0.4 is affected by an unauthenticated SQL injection vulnerability. The CVE entry cites unauthenticated SQL Injection in wpForo Forum &lt;= 3.0.4, with CVSSv3.1 base score 9.3 (CRITICAL) and impact TIC: Confidentiality High, Availability Low, no privileges...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.15 views

CVE-2026-40781

CVE-2026-40781 affects the WordPress ReviewX plugin ≤ 2.3.6. Root cause: unauthenticated broken authentication vulnerability leading to high-severity impact (CVSSv3.1 base score 7.5; Network attack vector, no user interaction, no privileges required; integrity impact HIGH). Affected software is t...

7.5CVSS5.2AI score0.00294EPSS
Exploits0References1
Rows per page
Query Builder