Lucene search
K

8580 matches found

Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-12729 weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot <= 2.3.0 - Missing Authorization to Authenticated (Subscriber+) Data Migration via wedocs_migrate_betterdocs_to_wedocs AJAX Action

The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 2.3.0. This is due to a missing capability check on the domigration function registered as the wedocsmigratebetterdocstowedocs...

4.3CVSS0.00213EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago10 views

EUVD-2026-41468

The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 2.3.0. This is due to a missing capability check on the domigration function registered as the wedocsmigratebetterdocstowedocs...

4.3CVSS5.6AI score0.00213EPSS
Exploits0References6
NVD
NVD
added last week6 views

CVE-2026-57730

Subscriber Broken Access Control in Flatsome = 3.20.5 versions...

4.3CVSS0.00222EPSS
Exploits0References1
NVD
NVD
added last week7 views

CVE-2026-57746

Subscriber Broken Access Control in Booked = 3.0.0 versions...

7.1CVSS0.00235EPSS
Exploits0References1
NVD
NVD
added last week6 views

CVE-2026-57685

Subscriber Broken Access Control in Martfury - WooCommerce Marketplace WordPress Theme = 3.2.8 versions...

4.3CVSS0.00254EPSS
Exploits0References1
NVD
NVD
added last week4 views

CVE-2026-57669

Subscriber Broken Access Control in Advanced Contact form 7 DB = 2.0.9 versions...

6.5CVSS0.0034EPSS
Exploits0References1
NVD
NVD
added last week4 views

CVE-2026-57353

Subscriber Broken Access Control in Link Whisper Premium = 2.9.0 versions...

6.5CVSS0.00299EPSS
Exploits0References1
NVD
NVD
added last week4 views

CVE-2026-57355

Subscriber Broken Access Control in Classified Listing = 5.4.2 versions...

6.5CVSS0.00299EPSS
Exploits0References1
NVD
NVD
added last week4 views

CVE-2026-57347

Subscriber Sensitive Data Exposure in Hotel Booking Lite = 6.0.3 versions...

6.5CVSS0.00371EPSS
Exploits0References1
NVD
NVD
added last week5 views

CVE-2026-57342

Subscriber Cross Site Scripting XSS in ShortPixel Adaptive Images = 3.11.3 versions...

6.5CVSS0.00224EPSS
Exploits0References1
NVD
NVD
added last week6 views

CVE-2026-27419

Subscriber Arbitrary File Upload in Zegen = 1.1.9 versions...

9.9CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added last week7 views

CVE-2025-69094

Subscriber SQL Injection in Unicamp = 2.2.2 versions...

8.5CVSS0.00278EPSS
Exploits0References1
NVD
NVD
added last week5 views

CVE-2025-69132

Subscriber Sensitive Data Exposure in Corpkit = 1.0.5 versions...

6.5CVSS0.00355EPSS
Exploits0References1
EUVD
EUVD
added last week6 views

EUVD-2026-41302

Subscriber Broken Access Control in Booked = 3.0.0 versions...

7.1CVSS5.8AI score0.00235EPSS
Exploits0References1
CVE
CVE
added last week11 views

CVE-2026-57746

CVE-2026-57746 concerns the WordPress Booked plugin (versions up to and including 3.0.0) where a Broken Access Control vulnerability is described. The Initial document notes only the affected software and version range, with the impact stated as access control issues; no root cause, affected file...

7.1CVSS5.8AI score0.00235EPSS
Exploits0References1
CVE
CVE
added last week15 views

CVE-2026-57730

CVE-2026-57730 concerns the WordPress Flatsome theme (

4.3CVSS5.8AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added last week33 views

CVE-2026-57685 WordPress Martfury - WooCommerce Marketplace WordPress theme theme <= 3.2.8 - Broken Access Control vulnerability

Subscriber Broken Access Control in Martfury - WooCommerce Marketplace WordPress Theme = 3.2.8 versions...

4.3CVSS0.00254EPSS
Exploits0References1
CVE
CVE
added last week15 views

CVE-2026-57685

CVE-2026-57685: A Broken Access Control vulnerability exists in WordPress Martfury - WooCommerce Marketplace Theme (versions

4.3CVSS5.8AI score0.00254EPSS
Exploits0References1
EUVD
EUVD
added last week6 views

EUVD-2026-41290

Subscriber Server Side Request Forgery SSRF in GeoDirectory = 2.8.161 versions...

6.4CVSS5.8AI score0.0023EPSS
Exploits0References1
CVE
CVE
added last week11 views

CVE-2026-57669

The affected software is the WordPress plugin Advanced Contact form 7 DB (versions

6.5CVSS5.8AI score0.0034EPSS
Exploits0References1
Rows per page
Query Builder