956 matches found
Exploit for CVE-2026-8732
CVE-2026-8732 - WP Maps Pro &checktemp=false' 3. Login via...
WP DSGVO Tools (GDPR) <= 3.1.23 - Unauthenticated Arbitrary Post Deletion
WP DSGVO Tools GDPR = 3.1.23 had an AJAX action, ‘admin-dismiss-unsubscribe‘, which lacked a capability check and a nonce check and was available to unauthenticated users, and did not check the post type when deleting unsubscription requests. As such, it was possible for an attacker to permanentl...
WordPress LiteSpeed Cache - Unauthenticated Privilege Escalation to Admin
Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from 1.9 through 6.3.0.1. id: CVE-2024-28000 info: name: WordPress LiteSpeed Cache - Unauthenticated Privilege Escalation to Admin...
UserPro <= 5.1.1 - Authentication Bypass
The UserPro plugin for WordPress through 5.1.1 allows authentication bypass via the userprofbconnect AJAX action. id: CVE-2023-2437 info: name: UserPro = 5.1.1 - Authentication Bypass author: intelligent-ears severity: critical description: | The UserPro plugin for WordPress through 5.1.1 allows...
CVE-2026-8995
The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to and including 6.3.7. This is due to insufficient access controls on the 'ayspollgetuserinformation' AJAX action, which serializes and returns the...
PT-2026-44747
Name of the Vulnerable Software and Affected Versions Breeze versions prior to 2.5.3 Description Improper verification of the wordpress logged in cookie in the inc/cache/execute-cache.php file occurs when the "Cache Logged-in Users" setting is enabled. The plugin uses the substr function to parse...
CVE-2026-9618
The CVE-2026-9618 entry concerns the PeachPay for WooCommerce plugin (WordPress) with versions up to and including 1.120.46. Affected component: peachpay_stripe_handle_admin_actions function, where missing/incorrect nonce validation enables Cross-Site Request Forgery. Impact: unauthenticated atta...
CVE-2026-9644
The LiveSmart Video Chat Live Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'livesmartwidget' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress Etude theme <= 1.6 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Etude versions = 1.6...
CVE-2026-3001
The CWE: CVE-2026-3001 affects the Gutenverse WordPress plugin, up to version 3.4.6. The vulnerability is a Reflected Cross-Site Scripting (XSS) in the search title block: render_content() echoes get_query_var('s') directly into HTML without escaping, enabling an attacker to craft a URL that inje...
EUVD-2026-32096
The Instant-Quote.co Quotation Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-8911 WP AutoBuzz <= 1.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'googleAccount' Parameter
The WP AutoBuzz plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web script...
EUVD-2026-32069
The jQuery googleslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'googleslides' shortcode in all versions up to, and including, 1.3. This is due to insufficient input sanitization and output escaping on user supplied attributes userid, albumid, authkey, imgmax,...
CVE-2026-9200 Query Shortcode <= 0.2.1 - Authenticated (Contributor+) Local File Inclusion via 'lens' Shortcode Attribute
The Query Shortcode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.2.1 via the shortcode function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary .php files on the...
WordPress Listen Shortcode plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Listen Shortcode versions = 1.0...
WordPress SeaFood Company theme <= 1.4 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme SeaFood Company versions = 1.4...
WordPress plugin Newses 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2026-9011
The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVE-2026-2518
The CVE-2026-2518 entry concerns the WordPress FastX theme. The vulnerability is due to missing capability checks in two callbacks, ultp_install_callback and ultp_activate_callback, affecting all versions up to and including 1.0.2. This allows authenticated attackers with Subscriber-level access ...
CVE-2026-1881 Broadstreet <= 1.52.2 - Authenticated (Subscriber+) Private Post Meta Disclosure via get_sponsored_meta
The Broadstreet plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.52.2 via the getsponsoredmeta AJAX action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level...