140 matches found
CVE-2026-54891
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...
EUVD-2026-41415
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...
WordPress Kirki – Freeform Page Builder, Website Builder & Customizer plugin <= 6.0.11 - Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability discovered by Jagadesh Achanta - Independent in WordPress Plugin Kirki versions = 6.0.11...
CVE-2026-57633
Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...
EUVD-2026-39749
Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...
CVE-2026-56060 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 7.1.1 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...
CVE-2026-52696
Unauthenticated Sensitive Data Exposure in JetBlog = 2.4.8 versions...
CVE-2026-34888
Unauthenticated Sensitive Data Exposure in Bricksforge = 3.1.8.4 versions...
CVE-2026-52694
Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce = 2.0 versions...
CVE-2026-49056
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...
CVE-2026-42667
Unauthenticated Sensitive Data Exposure in Bookly = 27.4 versions...
CVE-2026-40789
Unauthenticated Sensitive Data Exposure in Amelia = 2.2 versions...
CVE-2026-52695 WordPress ABC Crypto Checkout plugin <= 1.8.2 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...
EUVD-2026-36901
Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce = 2.0 versions...
CVE-2026-49066 WordPress Conekta Payment Gateway plugin <= 6.0.0 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway = 6.0.0 versions...
CVE-2026-34891
CVE-2026-34891 concerns the WordPress IDPay Payment Gateway for WooCommerce plugin (
PT-2026-49480
Unauthenticated Sensitive Data Exposure in EmbedPress = 4.5.2 versions...
PT-2026-49363
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...
WordPress Ditty – Responsive News Tickers, Sliders, and Lists plugin <= 3.1.65 - Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Ditty versions = 3.1.65...
PT-2026-42102
The Boost plugin for WordPress is vulnerable to time-based SQL Injection via the 'current url' and 'user name' parameters in versions up to, and including, 2.0.3 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL queries. This makes...