CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

6819 matches found

EUVD•added yesterday•2 views

EUVD-2026-36983

Unauthenticated Broken Access Control in Booking Package = 1.7.06 versions...

7.5CVSS5.1AI score

Exploits0References2

EUVD•added yesterday•2 views

EUVD-2026-36917

Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...

7.5CVSS5.1AI score

Exploits0References2

CVE•added yesterday•7 views

CVE-2026-52703

The CVE-2026-52703 entry concerns WordPress plugin FastDup (versions ≤ 2.7.2) with an unauthenticated path traversal vulnerability. The issue arises in the FastDup code path that allows traversal of the file system without authentication, enabling access to restricted files. Connected sources con...

9.6CVSS5.2AI score

Exploits0References1

Cvelist•added yesterday•8 views

CVE-2026-52703 WordPress FastDup plugin <= 2.7.2 - Path Traversal vulnerability

Unauthenticated Path Traversal in FastDup = 2.7.2 versions...

Exploits0References1

EUVD•added yesterday•5 views

EUVD-2026-36904

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

7.5CVSS5.2AI score

Exploits0References1

CVE•added yesterday•10 views

CVE-2026-52699

Summary: CVE-2026-52699 affects the WordPress VikRentCar plugin, versions

7.5CVSS5.2AI score

Exploits0References1

Cvelist•added yesterday•10 views

CVE-2026-52699 WordPress VikRentCar plugin <= 1.4.5 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

Exploits0References1

EUVD•added yesterday•7 views

EUVD-2026-36902

Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...

7.5CVSS5.2AI score

Exploits0References1

Cvelist•added yesterday•9 views

CVE-2026-52694 WordPress Signature Add-On for WooCommerce plugin <= 2.0 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce = 2.0 versions...

Exploits0References1

EUVD•added yesterday•7 views

EUVD-2026-36898

Unauthenticated PHP Object Injection in OttoKit = 1.1.27 versions...

9.8CVSS5.3AI score

Exploits0References1

EUVD•added yesterday•3 views

EUVD-2026-36895

Unauthenticated Broken Access Control in Welcart e-Commerce = 2.11.28 versions...

6.5CVSS5.1AI score

Exploits0References1

CVE•added yesterday•9 views

CVE-2026-49775

CVE-2026-49775 affects WordPress Welcart e-Commerce plugin versions

6.5CVSS5.1AI score

Exploits0References1

EUVD•added yesterday•3 views

EUVD-2026-36888

Unauthenticated Broken Authentication in RegistrationMagic = 6.0.8.6 versions...

9.8CVSS5.2AI score

Exploits0References1

CVE•added yesterday•7 views

CVE-2026-49763

CVE-2026-49763 concerns the WordPress plugin “WordPress Integration for Contact Form 7 HubSpot” (versions

9.8CVSS5.3AI score

Exploits0References1

EUVD•added yesterday•2 views

EUVD-2026-36883

Unauthenticated PHP Object Injection in Integration for Contact Form 7 and Constant Contact = 1.1.6 versions...

9.8CVSS5.3AI score

Exploits0References1

CVE•added yesterday•6 views

CVE-2026-49106

The CVE-2026-49106 entry concerns the WordPress plugin “Integration for Contact Form 7 and Constant Contact” (versions ≤ 1.1.6). The vulnerability is an unauthenticated PHP Object Injection in that integration, enabling an attacker to potentially manipulate PHP objects without authentication. The...

9.8CVSS5.3AI score

Exploits0References1

EUVD•added yesterday•2 views

EUVD-2026-36872

Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce = 1.9.5 versions...

8.2CVSS5.1AI score

Exploits0References1

EUVD•added yesterday•2 views

EUVD-2026-36861

Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...

6.5CVSS5.1AI score

Exploits0References1

CVE•added yesterday•7 views

CVE-2026-48887

CVE-2026-48887 affects the WordPress JS Help Desk plugin ≤ 3.0.9 with an unauthenticated Broken Access Control flaw. Documents note unauthorized access control weakness but do not provide root cause details or a stated remediation; Patchstack is cited as the source. Exploitation status is not des...

6.5CVSS5.1AI score

Exploits0References1

Cvelist•added yesterday•8 views

CVE-2026-48886 WordPress JS Help Desk plugin <= 3.0.9 - SQL Injection vulnerability

Unauthenticated SQL Injection in JS Help Desk = 3.0.9 versions...

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by