Lucene search
K

9967 matches found

Nuclei
Nuclei
added 9 hours ago11 views

Tutor LMS <= 2.1.10 - SQL Injection

Tutor LMS – eLearning and online course solution plugin for WordPress all versions up to 2.6.1 contains a time-based SQL Injection caused by insufficient escaping on the questionid parameter in SQL queries, letting authenticated attackers with subscriber or higher access extract sensitive...

8.8CVSS7.4AI score0.03135EPSS
Exploits0References3
Nuclei
Nuclei
added 9 hours ago14 views

Group-Office < 26.0.5 - Remote Code Execution

Group-Office before versions 6.8.150, 25.0.82, and 26.0.5 is vulnerable to remote code execution via OS command injection. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled parameter tmpfile into an exec call. By injecting shell metacharacters into...

9.4CVSS6.8AI score0.18536EPSS
Exploits2References4
Patchstack
Patchstack
added yesterday2 views

WordPress Logo Slider WP – Responsive Logo Carousel, Logo Gallery & Logo Showcase plugin <= 5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Logo Slider versions = 5.5...

6.4CVSS6.1AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added yesterday1 views

WordPress Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) plugin <= 4.1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by PRISM in WordPress Plugin WP Event SOlution versions = 4.1.15...

6.4CVSS6.1AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added yesterday14 views

CVE-2026-13492 UsersWP <= 1.2.65 - Authenticated (Subscriber+) Arbitrary File Deletion via File Upload Field

The UsersWP plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 1.2.65. This is due to insufficient validation of file-field values in the UsersWPValidation::validatefields function which falls through to sanitizetextfield for fields of type 'file',...

8.8CVSS
Exploits0References8
EUVD
EUVD
added yesterday4 views

EUVD-2026-42686

The UsersWP plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 1.2.65. This is due to insufficient validation of file-field values in the UsersWPValidation::validatefields function which falls through to sanitizetextfield for fields of type 'file',...

8.8CVSS6AI score
Exploits0References8
CVE
CVE
added yesterday9 views

CVE-2026-13492

The CVE-2026-13492 entry concerns the WordPress UsersWP plugin (affected versions up to and including 1.2.65). The vulnerability arises from insufficient validation of file-field values in UsersWP_Validation::validate_fields(), which falls through to sanitize_text_field() for fields of type 'file...

8.8CVSS6AI score
Exploits0References8
CVE
CVE
added yesterday7 views

CVE-2026-12428

The CVE concerns the WordPress plugin Blocks for ACF Fields (versions up to 1.6.2). A missing capability check on the REST endpoint /wp-json/acf-field-blocks/v1/values (get_all_values) allows unauthorized access to ACF field data. The permission_callback only verifies publish_posts, and the handl...

6.5CVSS6.1AI score
Exploits0References8
Cvelist
Cvelist
added yesterday19 views

CVE-2026-14372 Bit Form <= 3.1.1 - Authenticated (Subscriber+) Arbitrary File Deletion via '_old' Parameter

The Bit Form – Contact Form, Payment Forms, Multi Step Forms, Calculator & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteFiles function in all versions up to, and including, 3.1.1 This makes it possible for...

7.1CVSS
Exploits0References13
Cvelist
Cvelist
added yesterday18 views

CVE-2026-9240 Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order Shipment Modification via lpc_order_affect AJAX action

The Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateShippingMethod function registered to the wpajaxlpcorderaffect AJAX action in versions up to, and including, 2.9.0...

4.3CVSS
Exploits0References5
CVE
CVE
added yesterday9 views

CVE-2026-12433

The CVE describes a vulnerability in the Hydra Booking WordPress plugin (versions up to 1.2.1) where an Insecure Direct Object Reference in the /wp-json/hydra-booking/v1/booking/details/{id} endpoint allows authenticated hosts with the tfhb_manage_options capability to view booking records from o...

4.3CVSS5.9AI score0.00435EPSS
Exploits0References10
Cvelist
Cvelist
added yesterday19 views

CVE-2026-12433 Hydra Booking <= 1.2.1 - Authenticated (Custom+) Insecure Direct Object Reference to Sensitive Information Exposure via 'booking_id' Parameter

The Hydra Booking – Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.2.1 via the /wp-json/hydra-booking/v1/booking/details/id REST endpoint. This is due to the getBookingDetails callback only...

4.3CVSS0.00435EPSS
Exploits0References10
CVE
CVE
added yesterday9 views

CVE-2026-13011

The affected product is the ERP: Complete HR, Accounting & CRM Suite with Recruitment and WooCommerce CRM Support plugin for WordPress. It is vulnerable to a generic SQL Injection via the 'orderby' parameter in all versions up to and including 1.17.5, caused by insufficient escaping of user input...

6.5CVSS6AI score0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday20 views

CVE-2026-13011 ERP: Complete HR, Accounting & CRM Suite with Recruitment and WooCommerce CRM Support <= 1.17.5 - Authenticated (HR Manager+) SQL Injection via 'orderby' Parameter

The ERP: Complete HR, Accounting & CRM Suite with Recruitment and WooCommerce CRM Support plugin for WordPress is vulnerable to generic SQL Injection via the 'orderby' parameter in all versions up to, and including, 1.17.5 due to insufficient escaping on the user supplied parameter and lack of...

6.5CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added yesterday8 views

CVE-2026-13771

The Customer Reviews for WooCommerce plugin for WordPress is affected by a Stored Cross-Site Scripting vulnerability via the color shortcode attribute in all versions up to 5.113.0, caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access at contri...

6.4CVSS6.1AI score0.00241EPSS
Exploits0References10
CVE
CVE
added yesterday6 views

CVE-2026-12170

The CVE concerns the AcyMailing WordPress plugin (all versions up to 10.10.2) vulnerability to Stored Cross-Site Scripting via the alignment attribute, caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access at contributor level or higher, enablin...

6.4CVSS6.1AI score0.00256EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday18 views

CVE-2026-14343 Download Manager <= 3.3.61 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'note_before' and 'note_after' Shortcode Attributes

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'notebefore' and 'noteafter' Shortcode Attributes in all versions up to, and including, 3.3.61 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS0.00201EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday17 views

CVE-2026-12170 AcyMailing <= 10.10.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'alignment' Attribute

The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alignment' attribute in all versions up to, and including, 10.10.2 due to insufficient input sanitization and output escaping...

6.4CVSS0.00256EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday18 views

CVE-2026-4653 Block, Suspend, Report for BuddyPress <= 3.6.4 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'link' Parameter

The Block, Suspend, Report for BuddyPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter in versions up to and including 3.6.4. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with...

6.4CVSS0.00201EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday16 views

CVE-2026-13253 Post Grid Gutenberg Blocks for News, Magazines, Blog Websites <= 5.0.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'moreResultsText' Block Attribute

The Ultimate Post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'moreResultsText' block attribute of the ultimate-post/advanced-search block in versions up to and including 5.0.31. This is due to insufficient input sanitization and output escaping in the...

6.4CVSS0.00206EPSS
Exploits0References8
Rows per page
Query Builder