CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/04/29 12:16 p.m.•1 views

CVE-2026-42646

7.6CVSS0.00039EPSS

EUVD•added 2026/04/29 10:40 a.m.•0 views

EUVD-2026-26217

Vulnrichment•added 2026/04/29 10:40 a.m.•2 views

CVE-2026-42646 WordPress TaxoPress plugin <= 3.44.0 - SQL Injection vulnerability

Cvelist•added 2026/04/29 10:40 a.m.•28 views

CVE-2026-42646 WordPress TaxoPress plugin <= 3.44.0 - SQL Injection vulnerability

7.6CVSS0.00039EPSS

ATTACKERKB•added 2026/04/29 10:40 a.m.•1 views

CVE-2026-42646

CVE•added 2026/04/29 10:40 a.m.•6 views

Exploits0References2

CVE-2026-42646

CVE-2026-42646 concerns the WordPress TaxoPress plugin, specifically the simple-tags component. The vulnerability is an SQL Injection caused by improper neutralization of special elements, described as a Blind SQL Injection. Affected versions are TaxoPress up to and including 3.44.0 (plugin names...

Positive Technologies•added 2026/04/29 12:0 a.m.•1 views

PT-2026-35905

CNNVD•added 2026/04/29 12:0 a.m.•7 views

WordPress Plugin TaxoPress SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.6CVSS5.9AI score0.00039EPSS

RedhatCVE•added 2026/01/07 9:19 a.m.•1 views

CVE-2025-14371

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the taxopressaiaddpostterm function in all versions up to, and including, 3.41.0. This makes it possible for authenticat...

4.3CVSS5AI score0.00034EPSS

CVE•added 2026/01/06 7:22 a.m.•4 views

CVE-2025-14371

CVE-2025-14371 : TaxoPress’s Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI (WordPress) is vulnerable due to a missing authorization check in the taxopress_ai_add_post_term function. This allows authenticated users with Contributor-level access and above to add or remove taxonomy...

4.3CVSS4.7AI score0.00034EPSS

Exploits0References3

Vulnrichment•added 2026/01/06 7:22 a.m.•1 views

CVE-2025-14371 TaxoPress <= 3.41.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Tag Modification

4.3CVSS4.7AI score0.00034EPSS

Exploits0References3

Cvelist•added 2026/01/06 7:22 a.m.•28 views

CVE-2025-14371 TaxoPress <= 3.41.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Tag Modification

4.3CVSS0.00034EPSS

Exploits0References3

Patchstack•added 2026/01/05 10:39 p.m.•3 views

WordPress TaxoPress plugin <= 3.41.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Tag Modification vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Post Tag Modification vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin TaxoPress versions = 3.41.0...

4.3CVSS6.8AI score0.00034EPSS

Patchstack•added 2025/12/31 12:0 a.m.•3 views

WordPress TaxoPress plugin <= 3.40.1 - Authenticated (Contributor+) SQL Injection via ORDER BY Clause vulnerability

Authenticated Contributor+ SQL Injection via ORDER BY Clause vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin TaxoPress versions = 3.40.1...

6.5CVSS5.9AI score0.00029EPSS

Vulnrichment•added 2025/12/03 1:52 p.m.•2 views

CVE-2025-13354 Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Taxonomy Term Manipulation

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.40.1. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...

4.3CVSS5.6AI score0.00036EPSS

Exploits0References2

Cvelist•added 2025/12/03 1:52 p.m.•11 views

CVE-2025-13354 Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Taxonomy Term Manipulation

4.3CVSS0.00036EPSS

Exploits0References2

Patchstack•added 2025/12/03 1:35 a.m.•4 views

WordPress TaxoPress plugin <= 3.40.1 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by type5afe in WordPress Plugin TaxoPress versions = 3.40.1...

6.5CVSS7.8AI score0.00028EPSS

Patchstack•added 2025/12/03 1:35 a.m.•4 views

WordPress TaxoPress plugin <= 3.40.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Taxonomy Term Manipulation vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Taxonomy Term Manipulation vulnerability discovered by type5afe in WordPress Plugin TaxoPress versions = 3.40.1...

4.3CVSS6.7AI score0.00036EPSS

Patchstack•added 2025/11/10 1:32 a.m.•3 views

WordPress TaxoPress plugin <= 3.40.0 - Authenticated (Editor+) SQL Injection vulnerability

Authenticated Editor+ SQL Injection vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin TaxoPress versions = 3.40.0...

4.9CVSS7.8AI score0.00036EPSS