Lucene search
+L

28 matches found

CVE
CVE
added 2026/06/17 9:51 a.m.18 views

CVE-2026-52705

CVE-2026-52705 affects the WordPress plugin SigmaForms Pro – AI Generated Forms (versions

9CVSS5.2AI score0.00294EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:17 p.m.13 views

CVE-2026-52699

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

7.5CVSS0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.9 views

CVE-2026-52699 WordPress VikRentCar plugin <= 1.4.5 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

7.5CVSS5.2AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 9:16 a.m.11 views

CVE-2026-39501

Missing Authorization vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FOX: from n/a through = 1.4.5...

5.3CVSS0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:15 p.m.30 views

CVE-2026-32531 WordPress Kunco theme < 1.4.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Kunco kunco allows PHP Local File Inclusion.This issue affects Kunco: from n/a through 1.4.5...

8.1CVSS0.00327EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/23 8:23 p.m.7 views

WordPress FOX plugin <= 1.4.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by timomangcut in WordPress Plugin FOX versions = 1.4.5...

7.6CVSS5.9AI score0.00279EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/20 1:26 p.m.8 views

CVE-2026-25326

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in cmsmasters CMSMasters Content Composer cmsmasters-content-composer allows PHP Local File Inclusion.This issue affects CMSMasters Content Composer: from n/a through = 1.4.5...

7.5CVSS5.5AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.4 views

CVE-2025-68881

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal AppExperts appexperts allows SQL Injection.This issue affects AppExperts: from n/a through = 1.4.5...

8.5CVSS5.6AI score0.00253EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/29 9:30 a.m.6 views

EUVD-2025-36612

Missing Authorization vulnerability in Evergreen Content Poster Evergreen Content Poster evergreen-content-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Evergreen Content Poster: from n/a through = 1.4.5...

4.3CVSS6.5AI score0.00226EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/29 8:38 a.m.10 views

CVE-2025-64234 WordPress Evergreen Content Poster plugin <= 1.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Evergreen Content Poster Evergreen Content Poster evergreen-content-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Evergreen Content Poster: from n/a through = 1.4.5...

4.3CVSS0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 1:34 a.m.4 views

CVE-2025-62971 WordPress Attesa Extra plugin <= 1.4.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrestaProject Attesa Extra attesa-extra allows Stored XSS.This issue affects Attesa Extra: from n/a through = 1.4.7...

6.5CVSS5.2AI score0.00151EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.11 views

CVE-2025-53218 WordPress AppExperts plugin <= 1.4.5 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts allows Retrieve Embedded Sensitive Data.This issue affects AppExperts: from n/a through = 1.4.5...

5.8CVSS0.00277EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.9 views

CVE-2025-49373

CVE-2025-49373 concerns the WordPress plugin Evergreen Content Poster (versions up to and including 1.4.5). The vulnerability is a Cross-Site Request Forgery (CSRF) flaw that can allow an attacker to induce actions on behalf of authenticated users. Root cause details in the connected sources cons...

4.3CVSS6.5AI score0.00131EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.5 views

WordPress plugin Evergreen Content Poster 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS6.6AI score0.00131EPSS
Exploits0References1
CVE
CVE
added 2025/09/05 1:45 p.m.9 views

CVE-2025-58821

CVE-2025-58821 applies to the WordPress plugin WP Notification Bell. The vulnerability is stored XSS caused by improper input neutralization during web page generation, affecting WP Notification Bell versions up to 1.4.5 (per CVE entry); Patchstack and related sources indicate a fix may be availa...

5.9CVSS5.9AI score0.00216EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/24 11:23 a.m.5 views

WordPress Zikzag Core plugin <= 1.4.5 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Plugin Zikzag Core versions = 1.4.5...

8.1CVSS6.9AI score0.00397EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/06/06 1:15 p.m.6 views

CVE-2025-31025

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blocksera Image Hover Effects Block image-hover-effects-block allows Stored XSS.This issue affects Image Hover Effects Block: from n/a through = 1.4.5...

6.5CVSS0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:40 a.m.16 views

CVE-2024-35721

Missing Authorization vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through 1.4.5...

8.8CVSS6.9AI score0.00356EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/24 4:8 p.m.16 views

CVE-2025-32921 WordPress Arrival theme <= 1.4.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpoperations Arrival arrival allows PHP Local File Inclusion.This issue affects Arrival: from n/a through = 1.4.5...

7.5CVSS0.00611EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/22 3:49 p.m.7 views

WordPress Evergreen Content Poster plugin <= 1.4.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by LVT-tholv2k in WordPress Plugin Evergreen Content Poster versions = 1.4.5...

4.3CVSS7AI score0.00226EPSS
Exploits0Affected Software1
Rows per page
Query Builder