Lucene search
K

26 matches found

NVD
NVD
added 2026/06/17 2:17 p.m.10 views

CVE-2026-39576

Unauthenticated PHP Object Injection in SingleMalt = 1.5 versions...

8.1CVSS0.00395EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.11 views

CVE-2026-39573

CVE-2026-39573 : Unauthenticated PHP Object Injection in WordPress Mildhill theme <= 1.5. Affected component: Mildhill theme (WordPress). Root cause: PHP Object Injection vulnerability. Impact: high across confidentiality, integrity, and availability (CVSSv3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/...

8.1CVSS5.3AI score0.00395EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/27 1:45 p.m.18 views

WordPress Eventicity theme <= 1.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Eventicity versions = 1.5...

8.1CVSS5.8AI score0.00348EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/08 12:22 p.m.4 views

WordPress Mildhill theme <= 1.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Mildhill versions = 1.5...

5.8AI score0.00395EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/06 7:55 a.m.6 views

CVE-2026-27439

Deserialization of Untrusted Data vulnerability in ThemeREX Dentario dentario allows Object Injection.This issue affects Dentario: from n/a through = 1.5...

9.8CVSS5.8AI score0.00375EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:54 a.m.7 views

CVE-2026-28025

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Stargaze stargaze allows PHP Local File Inclusion.This issue affects Stargaze: from n/a through = 1.5...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
NVD
NVD
added 2026/03/05 6:16 a.m.8 views

CVE-2026-28025

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Stargaze stargaze allows PHP Local File Inclusion.This issue affects Stargaze: from n/a through = 1.5...

8.1CVSS0.00403EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/17 8:10 a.m.8 views

WordPress Ironfit theme <= 1.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Ironfit versions = 1.5...

8.1CVSS5.5AI score0.00512EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/08 9:17 a.m.1 views

CVE-2025-27002 WordPress CountDown With Image or Video Background plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup CountDown With Image or Video Background countdown-with-background allows Reflected XSS.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...

7.1CVSS6AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2025/12/30 10:47 a.m.7 views

CVE-2025-68977

CVE-2025-68977 affects DesignThemes Portfolio Addon (designthemes-portfolio-addon) with a Stored Cross-Site Scripting vulnerability in versions up to 1.5. The Wordfence entry confirms an authenticated (Contributor+) context for exploitation, indicating the issue requires user credentials to trigg...

6.5CVSS6AI score0.00156EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/25 1:23 p.m.5 views

CVE-2025-68573

Cross-Site Request Forgery CSRF vulnerability in Alessandro Piconi Simple Keyword to Link simple-keyword-to-link allows Cross Site Request Forgery.This issue affects Simple Keyword to Link: from n/a through = 1.5...

5.4CVSS6.8AI score0.00106EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/24 1:10 p.m.30 views

CVE-2025-68573 WordPress Simple Keyword to Link plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Alessandro Piconi Simple Keyword to Link simple-keyword-to-link allows Cross Site Request Forgery.This issue affects Simple Keyword to Link: from n/a through = 1.5...

5.4CVSS0.00106EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 1:10 p.m.3 views

CVE-2025-67627 WordPress Draft Notify plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TouchOfTech Draft Notify draft-notify allows Stored XSS.This issue affects Draft Notify: from n/a through = 1.5...

5.9CVSS5.6AI score0.00172EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 5:15 p.m.23 views

CVE-2024-37945

The CVE-2024-37945 entry concerns the WPBITS Addons For Elementor Page Builder plugin (versions

6.5CVSS5.9AI score0.0016EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:2 a.m.3 views

CVE-2023-28930

Cross-Site Request Forgery CSRF vulnerability in Robin Phillips Mobile Banner plugin = 1.5 versions...

8.8CVSS7AI score0.00309EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/24 1:28 p.m.2 views

WordPress WP SoundCloud Ultimate plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin SoundCloud Ultimate versions = 1.5...

4.3CVSS7AI score0.00197EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/20 12:0 a.m.4 views

WordPress BP Email Assign Templates Plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin BP Email Assign Templates versions = 1.5...

7.1CVSS6.1AI score0.00271EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/16 6:42 p.m.3 views

WordPress Pastebin plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Pastebin versions = 1.5...

6.5CVSS6.1AI score0.00357EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/12/04 10:30 p.m.4 views

WordPress Simple Redirection plugin <= 1.5 - Cross-Site Request Forgery to Arbitrary Site Redirect vulnerability

Cross-Site Request Forgery to Arbitrary Site Redirect vulnerability discovered by SOPROBRO in WordPress Plugin Simple Redirection versions = 1.5...

4.3CVSS6.9AI score0.00166EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/31 3:57 p.m.4 views

WordPress Quran Shortcode plugin <= 1.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Quran Shortcode versions = 1.5...

8.5CVSS8.1AI score0.00384EPSS
Exploits0Affected Software1
Rows per page
Query Builder