CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

236 matches found

CVE-2026-7542

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to and including 7.0.10. This is due to three compounding design flaws: 1 the plugin leaks a valid backend AJAX nonce revslideractions to all authenticated users including Subscribers via t...

6.5CVSS5.5AI score0.00031EPSS

Exploits0References1

Patchstack•added yesterday•5 views

WordPress Slider Revolution plugin <= 7.0.10 - Authenticated (Subscriber+) Sensitive Information Disclosure vulnerability

Authenticated Subscriber+ Sensitive Information Disclosure vulnerability discovered by Luc Huynh from Noventiq RedTeam - Noventiq Vietnam in WordPress Plugin Slider Revolution versions = 7.0.10...

6.5CVSS5.4AI score0.00031EPSS

Exploits0References1Affected Software1

NVD•added yesterday•5 views

CVE-2026-7542

6.5CVSS0.00031EPSS

Exploits0References2

CVE•added yesterday•14 views

CVE-2026-7542

The CVE-2026-7542 issue affects the Slider Revolution WordPress plugin (versions up to 7.0.10). The vulnerability arises from three design flaws that enable Sensitive Information Disclosure: (1) a valid backend AJAX nonce (revslider_actions) is leaked to all authenticated users via the admin_foot...

6.5CVSS5.5AI score0.00031EPSS

Exploits0References2

EUVD•added yesterday•8 views

EUVD-2026-35376

6.5CVSS5.5AI score0.00031EPSS

Exploits0References2

Cvelist•added yesterday•28 views

CVE-2026-7542 Slider Revolution <= 7.0.10 - Authenticated (Subscriber+) Sensitive Information Disclosure

6.5CVSS0.00031EPSS

Exploits0References2

Positive Technologies•added yesterday•6 views

PT-2026-47722

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to and including 7.0.10. This is due to three compounding design flaws: 1 the plugin leaks a valid backend AJAX nonce revslider actions to all authenticated users including Subscribers via...

6.5CVSS5.5AI score0.00031EPSS

Exploits0References3

RedhatCVE•added 5 days ago•5 views

CVE-2026-9048

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions 7.0.0 - 7.0.14, via the 'slider.get.full' AJAX Action. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including raw social...

4.3CVSS5.5AI score0.00028EPSS

Exploits0References1

RedhatCVE•added 5 days ago•6 views

CVE-2026-9050

The Slider Revolution plugin for WordPress in versions 6.0.0-6.7.55 and 7.0.0-7.0.14 is vulnerable to unauthorized modification of data. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

4.3CVSS5.5AI score0.00029EPSS

Exploits0References1

RedhatCVE•added 5 days ago•5 views

CVE-2026-6728

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.0.9 via the 'getstreamdata' function. This makes it possible for unauthenticated attackers to extract sensitive data including published password-protected post, page, an...

5.3CVSS5.5AI score0.0005EPSS

Exploits0References1

RedhatCVE•added 5 days ago•4 views

CVE-2026-6692

The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the 'getmediaurl' and 'checkfilepath' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS6.2AI score0.00107EPSS

Exploits0References1

EUVD•added 2026/06/02 12:31 a.m.•9 views

EUVD-2026-33850

4.3CVSS5.8AI score0.00029EPSS

Exploits0References3

EUVD•added 2026/06/02 12:31 a.m.•9 views

EUVD-2026-33851

4.3CVSS5.8AI score0.00028EPSS

Exploits0References3

NVD•added 2026/06/02 12:16 a.m.•9 views

CVE-2026-9050

4.3CVSS0.00029EPSS

Exploits0References2

NVD•added 2026/06/02 12:16 a.m.•10 views

CVE-2026-9048

4.3CVSS0.00028EPSS

Exploits0References2

Cvelist•added 2026/06/01 11:28 p.m.•34 views

CVE-2026-9048 Slider Revolution 7.0.0 - 7.0.14 - Incorrect Authorization to Authenticated (Contributor+) Sensitive Information Exposure

4.3CVSS0.00028EPSS

Exploits0References2

ATTACKERKB•added 2026/06/01 11:28 p.m.•7 views

CVE-2026-9048

4.3CVSS5.8AI score0.00028EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/06/01 11:28 p.m.•8 views

CVE-2026-9048 Slider Revolution 7.0.0 - 7.0.14 - Incorrect Authorization to Authenticated (Contributor+) Sensitive Information Exposure

4.3CVSS5.8AI score0.00028EPSS

Exploits0References2

CVE•added 2026/06/01 11:28 p.m.•23 views

CVE-2026-9048

The Slider Revolution WordPress plugin is affected (versions 7.0.0–7.0.14). The vulnerability arises in the slider.get.full AJAX action, enabling authenticated attackers with Contributor-level access and higher to expose sensitive data stored in slider settings. Exposed data includes raw social m...

4.3CVSS5.8AI score0.00028EPSS

Exploits0References2

ATTACKERKB•added 2026/06/01 11:28 p.m.•5 views

CVE-2026-9050

4.3CVSS5.8AI score0.00029EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by