CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

86 matches found

Vulnrichment•added 2026/03/25 4:14 p.m.•1 views

CVE-2026-27071 WordPress WPCafe plugin <= 3.0.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through = 3.0.7...

5.8AI score0.00066EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•4 views

CVE-2026-27071

CVE-2026-27071 is a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin WPCafe (wp-cafe) by Arraytics, affecting versions up to 3.0.7. The issue enables exploitation of incorrectly configured access control. CVSS v3.1 base score 9.1 (critical); vector: NETWORK, PR:...

9.1CVSS5.8AI score0.00066EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•24 views

CVE-2026-27071 WordPress WPCafe plugin <= 3.0.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through = 3.0.7...

9.1CVSS0.00066EPSS

Exploits0References1

Positive Technologies•added 2026/03/25 12:0 a.m.•2 views

PT-2026-27972

Name of the Vulnerable Software and Affected Versions Arraytics WPCafe versions n/a through 3.0.7 Description An authorization issue exists in Arraytics WPCafe wp-cafe due to incorrectly configured access control security levels. This allows for exploitation of the system. Recommendations Update...

9.1CVSS5.9AI score0.00066EPSS

Exploits0References3

CNNVD•added 2026/03/25 12:0 a.m.•3 views

WordPress plugin WPCafe 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...

9.1CVSS5.8AI score0.00066EPSS

Exploits0References1

Patchstack•added 2026/03/12 10:30 a.m.•3 views

WordPress WPCafe plugin <= 3.0.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin WPCafe versions = 3.0.7...

9.1CVSS5.8AI score0.00066EPSS

Exploits0Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2024-40062

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.01662EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-51900

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00713EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-11780

Malicious code in bioql PyPI...

7.5CVSS8.2AI score0.00497EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-17580

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00457EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-46653

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.01406EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-8348

Malicious code in bioql PyPI...

7.5CVSS9AI score0.01647EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-36722

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.0123EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-46649

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.0036EPSS

Exploits0References5

RedhatCVE•added 2025/05/23 8:28 a.m.•0 views

CVE-2024-5427

The WPCafe – Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Reservation Form shortcode in all versions up to, and including, 2.2.24 due to insufficient input sanitization and outp...

6.4CVSS5AI score0.0036EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:23 a.m.•2 views

CVE-2024-1855

The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpccheckforsubmission function. This makes it possible for unauthenticated...

5.3CVSS5.9AI score0.00457EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:10 a.m.•6 views

CVE-2023-47805

Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through = 2.2.22...

9.8CVSS7.3AI score0.00713EPSS

Exploits0References1

RedhatCVE•added 2025/04/25 3:39 p.m.•5 views

CVE-2025-39452

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Arraytics WPCafe wp-cafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through = 2.2.32...

7.5CVSS7.2AI score0.00497EPSS

Exploits0References1

NVD•added 2025/04/17 4:15 p.m.•9 views

CVE-2025-39452

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Arraytics WPCafe wp-cafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through = 2.2.32...

7.5CVSS0.00497EPSS

Exploits0References1

CVE•added 2025/04/17 3:15 p.m.•48 views

CVE-2025-39452

CVE-2025-39452 affects WordPress plugin WPCafe (Themenwinter) up to version 2.2.32. The issue is Improper Control of Filename for Include/Require Statement (PHP Remote File Inclusion) that enables Local File Inclusion through improper filename handling in PHP include/require. Public records (NVD,...

7.5CVSS7.2AI score0.00497EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by