Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21703 matches found

OSV
OSVadded 2026/06/06 4:6 a.m.2 views

MINI-4X89-WPGV-QCVV

Bulletin has no description...

9.1CVSS5.2AI score0.00392EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.4 views

MINI-FXH9-24C8-RHM5

Bulletin has no description...

9.1CVSS5.2AI score0.00397EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.5 views

MINI-R974-C7F6-5C7Q

Bulletin has no description...

6.1CVSS5.2AI score0.00188EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.3 views

MINI-JCQX-MFPP-G549

Bulletin has no description...

5.3CVSS5.2AI score0.0021EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.2 views

MINI-F49J-M3C2-CRPW

Bulletin has no description...

9.6CVSS5.2AI score0.00344EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.4 views

MINI-QVFR-7G79-9GF7

Bulletin has no description...

6.5CVSS5.2AI score0.00196EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.5 views

MINI-V3F3-WRVG-C3WG

Bulletin has no description...

9.1CVSS5.2AI score0.00368EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.4 views

MINI-4228-J85G-5RH6

Bulletin has no description...

6.5CVSS5.2AI score0.00248EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.4 views

MINI-M2VG-H5M9-CRPX

Bulletin has no description...

6.1CVSS5.2AI score0.00178EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.4 views

MINI-WJP9-W83C-W2V9

Bulletin has no description...

9.1CVSS5.2AI score0.00392EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.4 views

MINI-X727-MVW3-743F

Bulletin has no description...

6.3CVSS5.2AI score0.00175EPSS
Exploits0
OSV
OSVadded 2026/06/06 4:6 a.m.5 views

MINI-C9HM-RJGF-57GW

Bulletin has no description...

6.1CVSS5.2AI score0.00178EPSS
Exploits0
CVE
CVEadded 2026/06/06 3:28 a.m.19 views

CVE-2026-8611

The Klamra Paycal for Aspaclaria WordPress plugin is vulnerable to Insecure Direct Object Reference through the invoice_id parameter in versions up to 1.1.4, caused by missing validation on a user-controlled key. Authenticated users with subscriber-level access and higher can enumerate post IDs t...

4.3CVSS5.6AI score0.00234EPSS
Exploits0References8
Cvelist
Cvelistadded 2026/06/06 3:28 a.m.36 views

CVE-2026-8611 Klamra Paycal for Aspaclaria <= 1.1.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Sensitive Information Exposure via 'invoice_id' Parameter

The Klamra Paycal for Aspaclaria plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.4 via the 'invoiceid' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

4.3CVSS0.00234EPSS
Exploits0References8
EUVD
EUVDadded 2026/06/06 3:28 a.m.10 views

EUVD-2026-34958

The Klamra Paycal for Aspaclaria plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.4 via the 'invoiceid' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

4.3CVSS5.6AI score0.00234EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/06/06 12:0 a.m.16 views

PT-2026-47141

The Klamra Paycal for Aspaclaria plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.4 via the 'invoice id' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

4.3CVSS5.6AI score0.00234EPSS
Exploits0References9
CVE
CVEadded 2026/06/05 11:28 p.m.19 views

CVE-2026-10038

The Charitable – Donation Plugin for WordPress (Charitable) up to version 1.8.11.1 is affected by an Insecure Direct Object Reference/Authorization Bypass that enables Arbitrary Attachment Deletion via the profile avatar update flow. The issue stems from save_avatar() calling wp_delete_attachment...

4.3CVSS5.6AI score0.00285EPSS
Exploits0References12
ATTACKERKB
ATTACKERKBadded 2026/06/05 11:28 p.m.7 views

CVE-2026-10038

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Insecure Direct Object Reference / Authorization Bypass leading to Arbitrary Attachment Deletion in versions up to, and including, 1.8.11.1 via the profile avatar...

4.3CVSS5.6AI score0.00285EPSS
Exploits0References13
Cvelist
Cvelistadded 2026/06/05 11:28 p.m.35 views

CVE-2026-10038 Charitable <= 1.8.11.1 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Attachment Deletion via 'avatar' Parameter

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Insecure Direct Object Reference / Authorization Bypass leading to Arbitrary Attachment Deletion in versions up to, and including, 1.8.11.1 via the profile avatar...

4.3CVSS0.00285EPSS
Exploits0References12
OSV
OSVadded 2026/06/05 9:45 p.m.3 views

MINI-FGP6-RXM8-PV96

Bulletin has no description...

6.5CVSS5.2AI score0.00561EPSS
Exploits0
Rows per page
Query Builder