137 matches found
CVE-2026-57633
Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...
EUVD-2026-39749
Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...
CVE-2026-56060 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 7.1.1 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...
CVE-2026-52696
Unauthenticated Sensitive Data Exposure in JetBlog = 2.4.8 versions...
CVE-2026-34888
Unauthenticated Sensitive Data Exposure in Bricksforge = 3.1.8.4 versions...
CVE-2026-52694
Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce = 2.0 versions...
CVE-2026-49056
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...
CVE-2026-42667
Unauthenticated Sensitive Data Exposure in Bookly = 27.4 versions...
CVE-2026-40789
Unauthenticated Sensitive Data Exposure in Amelia = 2.2 versions...
CVE-2026-52695 WordPress ABC Crypto Checkout plugin <= 1.8.2 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...
EUVD-2026-36901
Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce = 2.0 versions...
CVE-2026-49066 WordPress Conekta Payment Gateway plugin <= 6.0.0 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway = 6.0.0 versions...
CVE-2026-34891
CVE-2026-34891 concerns the WordPress IDPay Payment Gateway for WooCommerce plugin (
PT-2026-49480
Unauthenticated Sensitive Data Exposure in EmbedPress = 4.5.2 versions...
PT-2026-49363
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...
WordPress Ditty – Responsive News Tickers, Sliders, and Lists plugin <= 3.1.65 - Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability
Missing Authorization to Unauthenticated Sensitive Information Disclosure vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Ditty versions = 3.1.65...
PT-2026-42102
The Boost plugin for WordPress is vulnerable to time-based SQL Injection via the 'current url' and 'user name' parameters in versions up to, and including, 2.0.3 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL queries. This makes...
WordPress MW WP Form plugin <= 5.1.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure vulnerability
Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure vulnerability discovered by Kirasec in WordPress Plugin MW WP Form versions = 5.1.2...
Vulnerabilities in Oracle Identity Manager Connector
Oracle has identified several vulnerabilities in the Oracle Identity Manager Connector version 12.2.1.4.0. These vulnerabilities allow an attacker without authentication to perform unauthorized actions through network access via HTTPS or HTTP, such as creating, deleting, or modifying critical dat...
CVE-2026-34285
Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Core. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Identity Manager...