225519 matches found
CVE-2026-57688
The CVE concerns the WordPress POS Entegratör plugin (versions
CVE-2026-57687
CVE-2026-57687 concerns a SQL Injection vulnerability in the WordPress plugin Custom Field Template (versions
CVE-2026-57683 WordPress WP Fast Total Search plugin <= 1.80.280 - SQL Injection vulnerability
Unauthenticated SQL Injection in WP Fast Total Search = 1.80.280 versions...
CVE-2026-57682 WordPress Simple Link Directory plugin <= 15.0.5 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Simple Link Directory = 15.0.5 versions...
CVE-2026-57682
The CVE-2026-57682 entry affects the WordPress plugin “Simple Link Directory” version ≤ 15.0.5, with an unauthenticated Cross Site Scripting (XSS) vulnerability. The connected records confirm the vulnerability type (XSS) and affected version, but do not provide concrete root-cause details, exploi...
CVE-2026-57681 WordPress GeoDirectory plugin <= 2.8.161 - Server Side Request Forgery (SSRF) vulnerability
Subscriber Server Side Request Forgery SSRF in GeoDirectory = 2.8.161 versions...
CVE-2026-57680 WordPress Kirki plugin <= 6.0.11 - Insecure Direct Object References (IDOR) vulnerability
Unauthenticated Insecure Direct Object References IDOR in Kirki = 6.0.11 versions...
CVE-2026-57679 WordPress GeekyBot plugin <= 1.2.5 - SQL Injection vulnerability
Unauthenticated SQL Injection in GeekyBot = 1.2.5 versions...
CVE-2026-57679
Unauthenticated SQL Injection in GeekyBot = 1.2.5 versions...
CVE-2026-57677 WordPress Novalnet Payment Gateway for WooCommerce plugin <= 12.10.3 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Novalnet Payment Gateway for WooCommerce = 12.10.3 versions...
CVE-2026-57677
The CVE concerns the WordPress Novalnet Payment Gateway for WooCommerce plugin, affected versions
CVE-2026-57674 WordPress Timetics plugin <= 1.0.58 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Timetics = 1.0.58 versions...
CVE-2026-57674
CVE-2026-57674 affects WordPress Timetics plugin versions up to 1.0.58, with an unauthenticated Cross Site Scripting (XSS) vulnerability. The available documents identify the affected product and the issue type, including a CVSS 3.1 base score of 7.1 (HIGH) with network access, no privileges requ...
CVE-2026-57673 WordPress Optimole plugin <= 4.2.7 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Optimole = 4.2.7 versions...
CVE-2026-57671 WordPress perfmatters plugin <= 2.6.4 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in perfmatters = 2.6.4 versions...
CVE-2026-57671
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-57670 WordPress Google Maps CP plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Google Maps CP = 1.2.5 versions...
CVE-2026-57670
Technical details (affected plugin version specifics, root cause, exploit steps, and remediation) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-57669
The affected software is the WordPress plugin Advanced Contact form 7 DB (versions
CVE-2026-57621 WordPress Booktics plugin <= 1.0.21 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Booktics = 1.0.21 versions...