Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

453029 matches found

CVE
CVEadded yesterday5 views

CVE-2026-57316

CVE-2026-57316 concerns the WordPress GetGenie plugin (versions up to 4.4.2). The issue is described as Subscriber Sensitive Data Exposure, indicating that subscriber data may be exposed due to a vulnerability in the affected plugin. The CVSS 3.1 data in the initial document assigns a base score ...

6.5CVSS5.8AI score
Exploits0References1
Cvelist
Cvelistadded yesterday11 views

CVE-2026-57315 WordPress Blocksy Companion Pro plugin <= 2.1.45 - Remote Code Execution (RCE) vulnerability

Contributor Remote Code Execution RCE in Blocksy Companion Pro = 2.1.45 versions...

8.5CVSS
Exploits0References1
EUVD
EUVDadded yesterday3 views

EUVD-2026-39728

Contributor Remote Code Execution RCE in Blocksy Companion Pro = 2.1.45 versions...

8.5CVSS5.9AI score
Exploits0References1
EUVD
EUVDadded yesterday3 views

EUVD-2026-39727

Unauthenticated Cross Site Scripting XSS in SureCart = 4.3.2 versions...

7.1CVSS5.8AI score
Exploits0References1
CVE
CVEadded yesterday4 views

CVE-2026-57313

CVE-2026-57313 concerns a Subscriber XSS vulnerability in the WordPress plugin SureCart up to version 4.2.2 . The public records describe an XSS issue affecting subscribers, but do not provide concrete exploit scenarios, affected subcomponents, or a detailed root cause beyond the general class of...

6.5CVSS5.8AI score
Exploits0References1
Cvelist
Cvelistadded yesterday12 views

CVE-2026-57312 WordPress Everest Forms plugin <= 3.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Everest Forms = 3.4.8 versions...

7.1CVSS
Exploits0References1
EUVD
EUVDadded yesterday3 views

EUVD-2026-39725

Unauthenticated Cross Site Scripting XSS in Everest Forms = 3.4.8 versions...

7.1CVSS5.8AI score
Exploits0References1
EUVD
EUVDadded yesterday3 views

EUVD-2026-39723

Unauthenticated SQL Injection in Advance Product Search = 1.4.4 versions...

9.3CVSS5.8AI score
Exploits0References1
CVE
CVEadded yesterday6 views

CVE-2026-56069

This CVE concerns the WordPress Toolset Forms plugin (versions up to 2.6.24). The issue is an Unauthenticated Insecure Direct Object Reference (IDOR) in Toolset Forms, allowing access to objects without authentication. The CVSS 3.1 vector indicates network attack, low attack complexity, no privil...

7.5CVSS5.8AI score
Exploits0References1
EUVD
EUVDadded yesterday4 views

EUVD-2026-39721

Unauthenticated SQL Injection in JetEngine = 3.8.10.2 versions...

9.3CVSS5.8AI score
Exploits0References1
Cvelist
Cvelistadded yesterday14 views

CVE-2026-56067 WordPress JetSmartFilters plugin <= 3.8.3 - SQL Injection vulnerability

Unauthenticated SQL Injection in JetSmartFilters = 3.8.3 versions...

9.3CVSS
Exploits0References1
EUVD
EUVDadded yesterday4 views

EUVD-2026-39720

Unauthenticated SQL Injection in JetSmartFilters = 3.8.3 versions...

9.3CVSS5.8AI score
Exploits0References1
Cvelist
Cvelistadded yesterday10 views

CVE-2026-56066 WordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...

5.8CVSS
Exploits0References1
CVE
CVEadded yesterday10 views

CVE-2026-56067

CVE-2026-56067 affects WordPress JetSmartFilters plugin versions up to and including 3.8.3. The vulnerability is an unauthenticated SQL Injection in JetSmartFilters (plugin/WP integration). The root cause, as stated in the sources, is a SQL injection flaw that can be exploited without authenticat...

9.3CVSS5.8AI score
Exploits0References1
CVE
CVEadded yesterday5 views

CVE-2026-56063

The CVE-2026-56063 entry documents an Unauthenticated Broken Access Control vulnerability in the WordPress plugin MailChimp Block up to version 1.1.15 . The affected component is the plugin’s access control logic, with impact described as compromising confidentiality, integrity, and availability ...

8.3CVSS5.8AI score
Exploits0References1
EUVD
EUVDadded yesterday2 views

EUVD-2026-39717

Unauthenticated Broken Access Control in MailChimp Block = 1.1.15 versions...

8.3CVSS5.8AI score
Exploits0References1
CVE
CVEadded yesterday7 views

CVE-2026-56062

The CVE identifies an unauthenticated SQL injection in the WordPress Quotes llama plugin, affecting versions up to and including 3.1.5. The vulnerability arises in Quotes llama’s handling of input data, allowing unauthenticated attackers to potentially execute SQL commands. The CVSS base score is...

9.3CVSS5.8AI score
Exploits0References1
CVE
CVEadded yesterday6 views

CVE-2026-56061

CVE-2026-56061 concerns the WordPress Subscriptions for WooCommerce plugin, affected versions

7.5CVSS5.8AI score
Exploits0References1
EUVD
EUVDadded yesterday5 views

EUVD-2026-39711

Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...

9.8CVSS5.8AI score
Exploits0References1
Cvelist
Cvelistadded yesterday12 views

CVE-2026-56055 WordPress RealHomes theme <= 4.5.3 - PHP Object Injection vulnerability

Subscriber PHP Object Injection in RealHomes = 4.5.3 versions...

8.8CVSS
Exploits0References1
Rows per page
Query Builder