CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

RedhatCVE•added 2026/04/09 7:23 p.m.•2 views

CVE-2026-39644

Missing Authorization vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wp Ultimate Review: from n/a through = 2.3.8...

5.3CVSS5.9AI score0.0019EPSS

Exploits0References1

EUVD•added 2026/04/08 9:31 a.m.•2 views

EUVD-2026-20303

5.9AI score0.0019EPSS

Exploits0References2

NVD•added 2026/04/08 9:16 a.m.•1 views

CVE-2026-39644

5.3CVSS0.0019EPSS

Exploits0References1

ATTACKERKB•added 2026/04/08 8:30 a.m.•2 views

CVE-2026-39644

5.9AI score0.0019EPSS

Exploits0References2

Cvelist•added 2026/04/08 8:30 a.m.•19 views

CVE-2026-39644 WordPress Wp Ultimate Review plugin <= 2.3.8 - Broken Access Control vulnerability

5.3CVSS0.0019EPSS

Exploits0References1

Vulnrichment•added 2026/04/08 8:30 a.m.•0 views

CVE-2026-39644 WordPress Wp Ultimate Review plugin <= 2.3.8 - Broken Access Control vulnerability

5.9AI score0.0019EPSS

Exploits0References1

CVE•added 2026/04/08 8:30 a.m.•8 views

CVE-2026-39644

CVE-2026-39644 concerns a Missing Authorization vulnerability in the WordPress plugin “Wp Ultimate Review” by Roxnor, specifically affecting versions up to and including 2.3.8. The root cause is described as Incorrectly Configured Access Control Security Levels, enabling unauthorized access under...

5.3CVSS5.9AI score0.0019EPSS

Exploits0References1

CNNVD•added 2026/04/08 12:0 a.m.•8 views

WordPress plugin Wp Ultimate Review 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.0019EPSS

Exploits0References1

EUVD•added 2025/12/09 6:30 p.m.•3 views

EUVD-2025-201972

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows DOM-Based XSS.This issue affects Wp Ultimate Review: from n/a through = 2.3.6...

8.2CVSS5.9AI score0.00231EPSS

Exploits0References2

Cvelist•added 2025/12/09 2:52 p.m.•25 views

CVE-2025-63057 WordPress Wp Ultimate Review plugin <= 2.3.7 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00231EPSS

Exploits0References1

Vulnrichment•added 2025/12/09 2:52 p.m.•3 views

CVE-2025-63057 WordPress Wp Ultimate Review plugin <= 2.3.7 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.2AI score0.00231EPSS

Exploits0References1

CVE•added 2025/12/09 2:52 p.m.•12 views

CVE-2025-63057

CVE-2025-63057 refers to a DOM-based XSS in the WordPress plugin WP Ultimate Review (Roxnor) affecting versions from and including up to 2.3.7. The vulnerability arises from improper input neutralization during web page generation, enabling cross-site scripting on pages rendered by the plugin. Pu...

6.5CVSS5.9AI score0.00231EPSS

Exploits0References1

CNNVD•added 2025/12/09 12:0 a.m.•1 views

WordPress plugin Wp Ultimate Review 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.5CVSS5.8AI score0.00231EPSS

Exploits0References1