CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

66 matches found

RedhatCVE•added 2026/01/10 5:41 a.m.•0 views

CVE-2026-0674

Missing Authorization vulnerability in Campaign Monitor Campaign Monitor for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Campaign Monitor for WordPress: from n/a through 2.9.1...

4.3CVSS5.8AI score0.00014EPSS

Exploits0References1

Patchstack•added 2026/01/08 1:46 p.m.•2 views

WordPress Campaign Monitor for WordPress plugin <= 2.9.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Campaign Monitor for WordPress versions = 2.9.0...

4.3CVSS7AI score0.00014EPSS

Exploits0Affected Software1

NVD•added 2026/01/08 10:15 a.m.•2 views

CVE-2026-0674

4.3CVSS0.00014EPSS

Exploits0References1

Vulnrichment•added 2026/01/08 9:17 a.m.•1 views

CVE-2026-0674 WordPress Campaign Monitor for WordPress plugin <= 2.9.1 - Broken Access Control vulnerability

4.3CVSS5.8AI score0.00014EPSS

Exploits0References1

ATTACKERKB•added 2026/01/08 9:17 a.m.•1 views

CVE-2026-0674

4.3CVSS5.8AI score0.00014EPSS

Exploits0References4

CVE•added 2026/01/08 9:17 a.m.•7 views

CVE-2026-0674

CVE-2026-0674 refers to a Missing Authorization vulnerability in Campaign Monitor for WordPress (plugin: forms-for-campaign-monitor). The Wordfence document confirms the affected component and describes exploitation as arising from an incorrectly configured access control, with CVSS 3.1 base scor...

4.3CVSS5.8AI score0.00014EPSS

Exploits0References1

Cvelist•added 2026/01/08 9:17 a.m.•25 views

CVE-2026-0674 WordPress Campaign Monitor for WordPress plugin <= 2.9.1 - Broken Access Control vulnerability

4.3CVSS0.00014EPSS

Exploits0References1

CNNVD•added 2026/01/08 12:0 a.m.•1 views

WordPress plugin Campaign Monitor for WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

4.3CVSS6.4AI score0.00014EPSS

Exploits0References1

Positive Technologies•added 2026/01/08 12:0 a.m.•2 views

PT-2026-1968

Name of the Vulnerable Software and Affected Versions Campaign Monitor for WordPress versions through 2.9.0 Description A missing authorization issue exists in Campaign Monitor for WordPress forms-for-campaign-monitor, allowing exploitation of incorrectly configured access control security levels...

4.3CVSS6.5AI score0.00014EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2015-4387

Malware in sbrugna...

6.8CVSS6.4AI score0.00174EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2012-4413

Malware in sbrugna...

4.3CVSS6.4AI score0.00359EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-40801

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00421EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-57438

Malicious code in bioql PyPI...

8.1CVSS8.5AI score0.00205EPSS

Exploits2References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-42290

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00193EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:20 a.m.•2 views

CVE-2024-44019

Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Campaign Monitor Extension contact-form-7-campaign-monitor-extension.This issue affects Contact Form 7 Campaign Monitor Extension: from n/a through = 0.4.67...

9.8CVSS5.9AI score0.00421EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:30 a.m.•4 views

CVE-2023-5098

The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges like subscribers from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS...

8.1CVSS6.6AI score0.00205EPSS

Exploits2References1

RedhatCVE•added 2025/05/23 2:21 a.m.•3 views

CVE-2023-38474

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Campaign Monitor Campaign Monitor for WordPress allows Reflected XSS.This issue affects Campaign Monitor for WordPress: from n/a through 2.8.12...

7.1CVSS7.1AI score0.00193EPSS

Exploits0References1

NVD•added 2024/12/03 11:15 a.m.•15 views

CVE-2024-11326

The Campaign Monitor Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.5.7. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS0.01684EPSS

Exploits0References3

Vulnrichment•added 2024/12/03 11:4 a.m.•14 views

CVE-2024-11326 Campaign Monitor Forms by Optin Cat <= 2.5.7 - Reflected Cross-Site Scripting

6.1CVSS6.5AI score0.01684EPSS

Exploits0References3

CVE•added 2024/12/03 11:4 a.m.•45 views

CVE-2024-11326

CVE-2024-11326 relates to the WordPress plugin Campaign Monitor Forms by Optin Cat. It describes a Reflected Cross-Site Scripting vulnerability in all versions up to 2.5.7 caused by using add_query_arg without proper escaping on the URL. This enables unauthenticated attackers to inject JavaScript...

6.1CVSS6.1AI score0.01684EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by