CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4418 matches found

Nevma Adaptive Images - Arbitrary File Deletion

Nevma Adaptive Images plugin before 0.6.67 for WordPress contains an arbitrary file deletion caused by unsanitized input in adaptive-images-script.php, letting remote attackers delete arbitrary files, exploit requires sending specific request parameters. id: CVE-2019-14206 info: name: Nevma...

7.5CVSS7.9AI score0.04767EPSS

Exploits2References6

Nuclei•added yesterday•16 views

WordPress WP Fastest Cache <= 0.9.0.2 - Authenticated Arbitrary File Deletion

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion in versions up to, and including, 0.9.0.2 due to a lack of capability checking and insufficient path validation. This makes it possible for authenticated users with minimal permissions to delete...

8.1CVSS5.4AI score0.01367EPSS

Exploits1References4

EUVD•added 2 days ago•5 views

EUVD-2026-37715

Contributor Arbitrary File Deletion in Fusion Builder = 3.15.4 versions...

7.7CVSS5.2AI score0.00337EPSS

Exploits0References2

EUVD•added 2 days ago•5 views

EUVD-2026-37669

Unauthenticated Arbitrary File Deletion in BookPro = 1.1.0 versions...

8.6CVSS5.2AI score0.00511EPSS

Exploits0References2

EUVD•added 2 days ago•4 views

EUVD-2025-210225

Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot = 13.6.5 versions...

7.7CVSS5.2AI score0.0045EPSS

Exploits0References2

NVD•added 2 days ago•5 views

CVE-2026-54193

Contributor Arbitrary File Deletion in Fusion Builder = 3.15.4 versions...

7.7CVSS0.00337EPSS

Exploits0References1

NVD•added 2 days ago•6 views

CVE-2026-52716

Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...

6.5CVSS0.00351EPSS

Exploits0References1

NVD•added 2 days ago•4 views

CVE-2026-27400

Unauthenticated Arbitrary File Deletion in BookPro = 1.1.0 versions...

8.6CVSS0.00511EPSS

Exploits0References1

NVD•added 2 days ago•3 views

CVE-2025-69139

Unauthenticated Arbitrary File Deletion in Car Zone = 3.7 versions...

8.6CVSS0.00533EPSS

Exploits0References1

EUVD•added 2 days ago•5 views

EUVD-2026-37700

Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...

6.5CVSS5.2AI score0.00351EPSS

Exploits0References1

Cvelist•added 2 days ago•25 views

CVE-2026-52716 WordPress WorkScout-Core plugin <= 1.7.11 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...

6.5CVSS0.00351EPSS

Exploits0References1

Cvelist•added 2 days ago•25 views

CVE-2026-54193 WordPress Fusion Builder plugin <= 3.15.4 - Arbitrary File Deletion vulnerability

Contributor Arbitrary File Deletion in Fusion Builder = 3.15.4 versions...

7.7CVSS0.00337EPSS

Exploits0References1

CVE•added 2 days ago•10 views

CVE-2026-27400

CVE-2026-27400 affects the WordPress BookPro plugin; versions

8.6CVSS5.2AI score0.00511EPSS

Exploits0References1

Cvelist•added 2 days ago•24 views

CVE-2026-27400 WordPress BookPro plugin <= 1.1.0 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in BookPro = 1.1.0 versions...

8.6CVSS0.00511EPSS

Exploits0References1

CVE•added 2 days ago•5 views

CVE-2025-60223

CVE-2025-60223 affects the WordPress plugin WPBot Pro Wordpress Chatbot (versions

7.7CVSS5.2AI score0.0045EPSS

Exploits0References1

Cvelist•added 2 days ago•24 views

CVE-2025-60223 WordPress WPBot Pro Wordpress Chatbot plugin <= 13.6.5 - Arbitrary File Deletion vulnerability

Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot = 13.6.5 versions...

7.7CVSS0.0045EPSS

Exploits0References1

CVE•added 3 days ago•38 views

CVE-2026-2604

Summary: CVE-2026-2604 affects evolution-data-server. An inconsistent comparison logic in the addressbook backend lets a Flatpak/D-Bus user craft a malicious URI with directory traversal sequences. This URI is stored during contact creation/modification and later rechecked with lower strictness d...

5.6CVSS5.4AI score0.00189EPSS

Exploits0References5

Cvelist•added 3 days ago•13 views

CVE-2026-2604 Evolution-data-server: evolution data server: arbitrary file deletion via inconsistent uri handling

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS0.00189EPSS

Exploits0References3

Cvelist•added 3 days ago•18 views

CVE-2025-69139 WordPress Car Zone theme <= 3.7 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in Car Zone = 3.7 versions...

8.6CVSS0.00533EPSS

Exploits0References1

NVD•added 3 days ago•7 views

CVE-2026-8442

The WP Review Slider Pro plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 12.6.8. This is due to missing authorization checks on the wpfbhidereview and wprpsavereviewadmin AJAX handlers combined with insufficient path validation in the wpfbhidereviewaj...

8.1CVSS0.00516EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by