3869 matches found
EUVD-2026-37653
Unauthenticated Local File Inclusion in Right Way = 4.0 versions...
CVE-2026-30803
RTI Connext Micro (Core Libraries) is affected by an Integer Underflow (wrap/wraparound) vulnerability that allows overread of buffers. Affected versions are Connext Micro 4.0.0 up to (but not including) 4.3.0. The issue is documented across CVE-2026-30803 entries in NVD and CVE records; no explo...
CVE-2025-69120
Unauthenticated Local File Inclusion in Dazzle = 1.0.0 versions...
CVE-2026-39568
Unauthenticated Local File Inclusion in Mr. SEO = 2.0 versions...
CVE-2025-69131
Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...
EUVD-2026-37699
Unauthenticated Local File Inclusion in Kastell = 2.0 versions...
CVE-2026-40721 WordPress Element Pack Pro plugin <= 9.0.6 - Local File Inclusion vulnerability
Contributor Local File Inclusion in Element Pack Pro = 9.0.6 versions...
CVE-2026-39548 WordPress MagOne theme <= 9.0 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in MagOne = 9.0 versions...
CVE-2025-69103 WordPress Brikk theme <= 3.0.0 - Arbitrary Content Deletion vulnerability
Subscriber Arbitrary Content Deletion in Brikk = 3.0.0 versions...
CVE-2026-42089
The CVE concerns yeoman-environment. Vulnerable versions 2.9.0 through 6.0.0 install missing local generator packages from attacker-controlled names without user confirmation, via installLocalGenerators() calling repository.install(). This can cause arbitrary package installation and code executi...
PT-2026-50080
Subscriber Arbitrary Content Deletion in Brikk = 3.0.0 versions...
PT-2026-50105
Unauthenticated Local File Inclusion in Mr. SEO = 2.0 versions...
PT-2026-50100
Unauthenticated Cross Site Scripting XSS in MagOne = 9.0 versions...
EUVD-2026-36969
Subscriber Arbitrary File Upload in WP-BusinessDirectory = 4.0.0 versions...
CVE-2026-52694
Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce = 2.0 versions...
CVE-2026-52697 WordPress Taskbuilder plugin <= 5.0.7 - SQL Injection vulnerability
Subscriber SQL Injection in Taskbuilder = 5.0.7 versions...
EUVD-2026-36901
Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce = 2.0 versions...
EUVD-2026-36807
Unauthenticated SQL Injection in wpForo Forum = 3.0.4 versions...
EUVD-2026-37002
Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run...
CVE-2026-49111
Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n/a through 2.2.0...