Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

216067 matches found

EUVD
EUVDadded yesterday3 views

EUVD-2026-36813

Unauthenticated SQL Injection in Order Delivery Date for WooCommerce = 4.5.1 versions...

9.3CVSS5.7AI score
Exploits0References1
Vulnrichment
Vulnrichmentadded yesterday3 views

CVE-2026-42386 WordPress Order Delivery Date for WooCommerce plugin <= 4.5.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in Order Delivery Date for WooCommerce = 4.5.1 versions...

9.3CVSS5.7AI score
Exploits0References1
Cvelist
Cvelistadded yesterday12 views

CVE-2026-42381 WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in Funnel Builder by FunnelKit = 3.15.0.1 versions...

9.3CVSS
Exploits0References1
EUVD
EUVDadded yesterday4 views

EUVD-2026-36807

Unauthenticated SQL Injection in wpForo Forum = 3.0.4 versions...

9.3CVSS5.7AI score
Exploits0References1
CVE
CVEadded yesterday10 views

CVE-2026-40798

WPForo Forum plugin for WordPress &lt;= 3.0.4 is affected by an unauthenticated SQL injection vulnerability. The CVE entry cites unauthenticated SQL Injection in wpForo Forum &lt;= 3.0.4, with CVSSv3.1 base score 9.3 (CRITICAL) and impact TIC: Confidentiality High, Availability Low, no privileges...

9.3CVSS5.7AI score
Exploits0References1
Cvelist
Cvelistadded yesterday12 views

CVE-2026-40771 WordPress Contest Gallery plugin <= 28.1.6 - SQL Injection vulnerability

Unauthenticated SQL Injection in Contest Gallery = 28.1.6 versions...

9.3CVSS
Exploits0References1
Cvelist
Cvelistadded yesterday12 views

CVE-2026-40766 WordPress MasterStudy LMS plugin <= 3.7.25 - SQL Injection vulnerability

Subscriber SQL Injection in MasterStudy LMS = 3.7.25 versions...

8.5CVSS
Exploits0References1
CVE
CVEadded yesterday5 views

CVE-2026-40766

CVE-2026-40766 concerns the WordPress MasterStudy LMS plugin (versions

8.5CVSS5.7AI score
Exploits0References1
CVE
CVEadded yesterday8 views

CVE-2026-40762

The WPGraphQL WordPress plugin is affected by an unauthenticated SQL Injection in versions earlier than 2.11.1. The issue originates in WPGraphQL

7.5CVSS5.7AI score
Exploits0References1
Cvelist
Cvelistadded yesterday12 views

CVE-2026-40762 WordPress WPGraphQL plugin < 2.11.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in WPGraphQL 2.11.1 versions...

7.5CVSS
Exploits0References1
Cvelist
Cvelistadded yesterday12 views

CVE-2026-39530 WordPress SpeakOut! Email Petitions plugin <= 4.6.5 - SQL Injection vulnerability

Unauthenticated SQL Injection in SpeakOut! Email Petitions = 4.6.5 versions...

9.3CVSS
Exploits0References1
Cvelist
Cvelistadded yesterday12 views

CVE-2026-39519 WordPress GeekyBot plugin <= 1.2.0 - SQL Injection vulnerability

Unauthenticated SQL Injection in GeekyBot = 1.2.0 versions...

9.3CVSS
Exploits0References1
CVE
CVEadded yesterday5 views

CVE-2026-39512

WordPress GeoDirectory plugin ≤ 2.8.152 contains an Unauthenticated SQL Injection vulnerability. Affects that plugin version, enabling network-based attacks with no authentication; CVSSv3.1 base score 9.3 (CRITICAL) with high confidentiality impact and low availability impact. Connected sources p...

9.3CVSS5.7AI score
Exploits0References1
CVE
CVEadded yesterday8 views

CVE-2026-39511

CVE-2026-39511 affects the WordPress plugin WP Photo Album Plus

9.3CVSS5.7AI score
Exploits0References1
Cvelist
Cvelistadded yesterday11 views

CVE-2026-39511 WordPress WP Photo Album Plus plugin <= 9.1.08.001 - SQL Injection vulnerability

Unauthenticated SQL Injection in WP Photo Album Plus = 9.1.08.001 versions...

9.3CVSS
Exploits0References1
CVE
CVEadded yesterday10 views

CVE-2026-39502

This CVE concerns the WordPress plugin Form Maker by 10Web (versions &lt;= 1.15.38). The issue is described as an Unauthenticated SQL Injection vulnerability in Form Maker by 10Web

9.3CVSS5.7AI score
Exploits0References1
Cvelist
Cvelistadded yesterday12 views

CVE-2026-39492 WordPress WP Maps plugin <= 4.9.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in WP Maps = 4.9.1 versions...

9.3CVSS
Exploits0References1
CVE
CVEadded yesterday5 views

CVE-2026-39492

The CVE records an unauthenticated SQL Injection in WordPress WP Maps plugin

9.3CVSS5.7AI score
Exploits0References1
Cvelist
Cvelistadded yesterday12 views

CVE-2026-39493 WordPress Simply Schedule Appointments plugin <= 1.6.9.27 - SQL Injection vulnerability

Unauthenticated SQL Injection in Simply Schedule Appointments = 1.6.9.27 versions...

9.3CVSS
Exploits0References1
CVE
CVEadded yesterday3 views

CVE-2026-39441

CVE-2026-39441 affects the WordPress plugin Feed KuantoKusta for WooCommerce – Free, version

9.3CVSS5.7AI score
Exploits0References1
Rows per page
Query Builder