Lucene search
K

467 matches found

NVD
NVD
added 2026/06/29 3:16 p.m.10 views

CVE-2026-57320

Unauthenticated Cross Site Scripting XSS in BEAR = 1.1.8 versions...

7.1CVSS0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 1:36 p.m.7 views

CVE-2026-57320

Unauthenticated Cross Site Scripting XSS in BEAR = 1.1.8 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 1:36 p.m.19 views

CVE-2026-57320

CVE-2026-57320 analyzes show an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress BEAR plugin, affected versions <= 1.1.8. The issue is described as an XSS in BEAR, with no publicly provided exploit details in the connected documents. The available entries identify the ...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/29 1:36 p.m.32 views

CVE-2026-57320 WordPress BEAR plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in BEAR = 1.1.8 versions...

7.1CVSS0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/29 1:36 p.m.8 views

EUVD-2026-40096

Unauthenticated Cross Site Scripting XSS in BEAR = 1.1.8 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.11 views

CVE-2026-1672

The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing nonce validation on the wooberedrawtablerow function. This makes it possibl...

6.5CVSS5.4AI score0.00176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.12 views

CVE-2026-27415

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS5.4AI score0.00095EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 6:32 p.m.8 views

GHSA-XP6R-8PCC-XV5P BillaBear is Vulnerable to SQL Injection in the EventRepository

BillaBear all versions prior to Jan 2026 contains a SQL Injection vulnerability in the EventRepository. User-controlled input from metric filter names and aggregation properties is directly interpolated into SQL queries using sprintf without proper sanitization or identifier quoting. Although...

8.8CVSS6.1AI score0.00365EPSS
Exploits0References4
CVE
CVE
added 2026/05/19 12:0 a.m.19 views

CVE-2026-31069

The CVE-2026-31069 entry concerns BillaBear (versions before Jan 2026) with a SQL Injection in the EventRepository. The root cause is unsafely interpolating user-controlled identifiers (filter names and aggregation property keys) into SQL via sprintf(), while values are parameterized. An authenti...

8.8CVSS6.1AI score0.00365EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/12 12:32 p.m.9 views

EUVD-2026-29455

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through = 1.1.7.1...

7.6CVSS5.8AI score0.00226EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 11:16 a.m.15 views

CVE-2026-45213

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through = 1.1.7.1...

7.6CVSS0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 11:2 a.m.29 views

CVE-2026-45213

CVE-2026-45213 concerns the WordPress BEAR woo-bulk-editor plugin (RealMag777) with a SQL Injection vulnerability due to improper neutralization of special elements in SQL commands, enabling blind SQL injection. Affected versions are BEAR: from n/a through

7.6CVSS5.8AI score0.00226EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 11:2 a.m.9 views

CVE-2026-45213

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through = 1.1.7.1...

7.6CVSS5.8AI score0.00226EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 11:2 a.m.7 views

CVE-2026-45213 WordPress BEAR plugin <= 1.1.7.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through = 1.1.7.1...

7.6CVSS5.8AI score0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 11:2 a.m.42 views

CVE-2026-45213 WordPress BEAR plugin <= 1.1.7.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through = 1.1.7.1...

7.6CVSS0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.20 views

PT-2026-40013

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through = 1.1.7.1...

7.6CVSS5.8AI score0.00226EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

WordPress plugin BEAR SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.6CVSS5.9AI score0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/07 12:31 p.m.20 views

EUVD-2026-28343

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS5.8AI score0.00095EPSS
Exploits0References2
NVD
NVD
added 2026/05/07 11:15 a.m.10 views

CVE-2026-27415

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS0.00095EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/07 10:20 a.m.7 views

CVE-2026-27415

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

4.3CVSS5.8AI score0.00095EPSS
Exploits0References2
Rows per page
Query Builder