Lucene search
K

1400 matches found

CNNVD
CNNVD
added 2026/04/08 12:0 a.m.7 views

WordPress plugin The Publisher Desk ads.txt 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00156EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

WordPress plugin CartFlows 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

4.3CVSS5.8AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.8 views

WISDOM Pegasus CMS 路径遍历漏洞

WISDOM Pegasus CMS is a content management system developed by the Australian company WISDOM. Version 1.0 of WISDOM Pegasus CMS has a path traversal vulnerability. This vulnerability stems from a remote code execution vulnerability in the extrafields.php plugin, which may allow unverified attacke...

9.8CVSS6.6AI score0.01416EPSS
Exploits1References3
OSV
OSV
added 2026/04/03 11:43 p.m.4 views

GHSA-4Q27-4RRQ-FX95 AVideo: CSRF on Player Skin Configuration via admin/playerUpdate.json.php

Severity: Medium CWE: CWE-352 Cross-Site Request Forgery Summary The player skin configuration endpoint at admin/playerUpdate.json.php does not validate CSRF tokens. The plugins table is explicitly excluded from the ORM's domain-based security check via ignoreTableSecurityCheck, removing the only...

4.3CVSS6AI score0.00134EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.12 views

PT-2026-28214

Name of the Vulnerable Software and Affected Versions WP Lightbox 2 WordPress plugin versions prior to 3.0.7 Description The WP Lightbox 2 WordPress plugin does not properly sanitise and escape certain settings. This could allow users with high privileges, such as administrators, to carry out...

4.8CVSS5.9AI score0.00189EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

WordPress plugin Bus Ticket Booking with Seat Reservation 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

9.8CVSS5.9AI score0.00375EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.10 views

WordPress plugin Creator LMS 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS5.8AI score0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

WordPress plugin Beelove 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

9.8CVSS5.9AI score0.0051EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

WordPress plugin Ultimate Post Kit 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

6.4CVSS5.8AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.11 views

WordPress plugin RegistrationMagic 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

5.4CVSS5.8AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.9 views

WordPress plugin Envo Extra 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.4CVSS5.8AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.8 views

WordPress plugin wpDiscuz 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

6.9CVSS5.9AI score0.0032EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/03/09 1:50 p.m.7 views

WordPress Handmade Framework plugin <= 3.9 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Handmade Framework versions = 3.9...

7.1CVSS5.8AI score0.0023EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.8 views

WordPress plugin Aldo 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.8 views

WordPress plugin Cartify 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.8AI score0.00279EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.9 views

WordPress plugin Jetpack CRM 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

7.5CVSS5.8AI score0.00423EPSS
Exploits1References1
CVE
CVE
added 2026/02/19 8:26 a.m.16 views

CVE-2026-25323

CVE-2026-25323 affects WordPress OSM plugin versions

4.3CVSS5.4AI score0.00243EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/18 12:37 a.m.10 views

WordPress SiteOrigin Widgets Bundle plugin <= 1.70.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Shortcode Execution vulnerability discovered by bashu - KCSC in WordPress Plugin SiteOrigin Widgets Bundle versions = 1.70.4...

5.4CVSS5.5AI score0.00284EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.8 views

WordPress plugin Media Library Folders 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

4.3CVSS5.8AI score0.00209EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/07 8:26 a.m.4 views

CVE-2026-1570 Simple Bible Verse via Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Simple Bible Verse via Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's verse shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.0019EPSS
Exploits0References2
Rows per page
Query Builder