CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

112 matches found

NVD•added 2026/05/27 8:16 a.m.•11 views

CVE-2026-40826

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dsgvocontracts view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

6.9CVSS0.00043EPSS

Exploits0References1

CVE•added 2026/05/27 7:52 a.m.•8 views

CVE-2026-40826

CVE-2026-40826 involves an unauthenticated SQL injection in the dsgvo_contracts view. The vulnerability arises from improper neutralization of special elements in a SQL SELECT command. A high-privileged remote attacker can exploit this to achieve a total loss of confidentiality. The available doc...

6.9CVSS5.9AI score0.00043EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 7:52 a.m.•3 views

CVE-2026-40826

6.9CVSS5.9AI score0.00043EPSS

Exploits0References2Affected Software4

EUVD•added 2026/05/27 7:52 a.m.•6 views

EUVD-2026-32130

6.9CVSS5.9AI score0.00043EPSS

Exploits0References1

Cvelist•added 2026/05/27 7:52 a.m.•22 views

CVE-2026-40826 Authenticated SQLi in dsgvo_contracts view

6.9CVSS0.00043EPSS

Exploits0References1

Positive Technologies•added 2026/05/27 12:0 a.m.•5 views

PT-2026-43565

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dsgvo contracts view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

6.9CVSS5.9AI score0.00043EPSS

Exploits0References2

ATTACKERKB•added 2026/03/24 4:27 a.m.•1 views

CVE-2026-4283

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the super-unsubscribe AJAX action accepting a processnow parameter from unauthenticated users, which bypasses the intended email-confirmation...

9.1CVSS5.8AI score0.00204EPSS

Exploits0References8

Positive Technologies•added 2026/03/24 12:0 a.m.•1 views

PT-2026-27328

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the super-unsubscribe AJAX action accepting a process now parameter from unauthenticated users, which bypasses the intended email-confirmatio...

9.1CVSS5.8AI score0.00204EPSS

Exploits0References8

ATTACKERKB•added 2026/01/23 12:26 p.m.•4 views

CVE-2026-0914

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lwcontentblock' shortcode in all versions up to, and including, 3.1.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.6AI score0.00016EPSS

Exploits0References4

Vulnrichment•added 2026/01/23 12:26 p.m.•3 views

CVE-2026-0914 WP DSGVO Tools (GDPR) <= 3.1.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'lw_content_block' Shortcode

6.4CVSS5.8AI score0.00016EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 8:46 a.m.•8 views

CVE-2025-23866

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in E. Marten EU DSGVO Helper dsgvo allows Reflected XSS.This issue affects EU DSGVO Helper: from n/a through = 1.0.6.1...

7.1CVSS7.2AI score0.00206EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-11208

Malware in sbrugna...

6.1CVSS6.2AI score0.0775EPSS

Exploits2References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-3487