CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

11989 matches found

Positive Technologies•added 2 days ago•6 views

PT-2026-50414

Name of the Vulnerable Software and Affected Versions Fusion Builder versions prior to 3.15.5 Description A path traversal issue allows users with the Contributor role to delete arbitrary files on the server. Recommendations Limit user roles as a temporary mitigation measure. At the moment, there...

7.7CVSS5.3AI score0.00337EPSS

Exploits0References3

EUVD•added 3 days ago•7 views

EUVD-2026-36421

@nuxt/webpack-builder and @nuxt/rspack-builder dev server same-origin check bypassed when Sec-Fetch-Site, Origin, and Referer are all absent incomplete fix for GHSA-6m52-m754-pw2g...

5.9CVSS5.2AI score0.00201EPSS

Exploits1References6

Cvelist•added 3 days ago•16 views

CVE-2026-54194 WordPress Fusion Builder plugin <= 3.15.4 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Fusion Builder = 3.15.4 versions...

9.8CVSS0.00525EPSS

Exploits0References1

CVE•added 3 days ago•7 views

CVE-2026-54194

CVE-2026-54194 concerns the WordPress Fusion Builder plugin, affected versions ≤ 3.15.4, with a PHP Object Injection vulnerability identified in the CVE record. The provided information confirms the affected component (Fusion Builder), the vulnerable version range, and the nature of the issue (PH...

9.8CVSS5.3AI score0.00525EPSS

Exploits0References1

Positive Technologies•added 3 days ago•6 views

PT-2026-50127

Name of the Vulnerable Software and Affected Versions Fusion Builder versions prior to 3.15.5 Description A PHP Object Injection issue exists in the software. This occurs when an application deserializes untrusted data, allowing an attacker to manipulate the objects created and potentially execut...

9.8CVSS5.8AI score0.00525EPSS

Exploits0References2

NVD•added 4 days ago•6 views

CVE-2026-48966

Unauthenticated Cross Site Scripting XSS in Funnel Builder by FunnelKit = 3.15.0.2 versions...

7.1CVSS0.00175EPSS

Exploits0References1

NVD•added 4 days ago•5 views

CVE-2026-42381

Unauthenticated SQL Injection in Funnel Builder by FunnelKit = 3.15.0.1 versions...

9.3CVSS0.00283EPSS

Exploits0References1

Cvelist•added 4 days ago•23 views

CVE-2026-48966 WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Funnel Builder by FunnelKit = 3.15.0.2 versions...

7.1CVSS0.00175EPSS

Exploits0References1

EUVD•added 4 days ago•3 views

EUVD-2026-36865

Unauthenticated Cross Site Scripting XSS in Funnel Builder by FunnelKit = 3.15.0.2 versions...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

Vulnrichment•added 4 days ago•4 views

CVE-2026-48966 WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Funnel Builder by FunnelKit = 3.15.0.2 versions...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

CVE•added 4 days ago•13 views

CVE-2026-48966

The CVE concerns the WordPress Funnel Builder by FunnelKit plugin (versions

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

Cvelist•added 4 days ago•22 views

CVE-2026-42381 WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in Funnel Builder by FunnelKit = 3.15.0.1 versions...

9.3CVSS0.00283EPSS

Exploits0References1

EUVD•added 4 days ago•3 views

EUVD-2026-36811

Unauthenticated SQL Injection in Funnel Builder by FunnelKit = 3.15.0.1 versions...

9.3CVSS5.7AI score0.00283EPSS

Exploits0References1

CVE•added 4 days ago•10 views

CVE-2026-42381

CVE-2026-42381 affects WordPress Funnel Builder by FunnelKit plugin versions

9.3CVSS5.7AI score0.00283EPSS

Exploits0References1

Vulnrichment•added 4 days ago•4 views

CVE-2026-52704 WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion. This issue affects WooCommerce PDF Invoice Builder: from n/a through 2.0.8...

10CVSS5.4AI score0.00314EPSS

Exploits0References1

Cvelist•added 4 days ago•25 views

CVE-2026-52704 WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion. This issue affects WooCommerce PDF Invoice Builder: from n/a through 2.0.8...

10CVSS0.00314EPSS

Exploits0References1

EUVD•added 4 days ago•7 views

EUVD-2026-36720

Improper Control of Generation of Code 'Code Injection' vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion. This issue affects WooCommerce PDF Invoice Builder: from n/a through 2.0.8...

10CVSS5.4AI score0.00314EPSS

Exploits0References1

CVE•added 4 days ago•20 views

CVE-2026-52704

The vulnerability CVE-2026-52704 affects the WordPress WooCommerce PDF Invoice Builder plugin (

10CVSS5.4AI score0.00314EPSS

Exploits0References1

NVD•added 4 days ago•7 views

CVE-2026-9278

The Form Builder CP WordPress plugin before 1.2.47 does not properly sanitize a form configuration value before storing it and using it as part of a client-side script execution, allowing authenticated users with Editor-level access and above to perform Stored Cross-Site Scripting attacks against...

5.4CVSS0.00159EPSS

Exploits0References1

Vulnrichment•added 4 days ago•5 views

CVE-2026-9278 Form Builder CP < 1.2.47 - Editor+ Stored XSS via form_structure

The Form Builder CP WordPress plugin before 1.2.47 does not properly sanitize a form configuration value before storing it and using it as part of a client-side script execution, allowing authenticated users with Editor-level access and above to perform Stored Cross-Site Scripting attacks against...

5.2AI score0.00159EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by