12 matches found
CVE-2026-57663
CVE-2026-57663 describes a SQL Injection vulnerability in the WordPress plugin Zip Recipes (Recipe Maker For Your Food Blog) versions
CVE-2026-8274
creationtimestamp| type| source ---|---|--- 2026-05-11 06:00:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116554414807477280 2026-05-11 06:00:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mlklvhdkzv23 2026-05-11 07:01:13+00:00| seen|...
CVE-2026-8063 Post-auth null pointer dereference when aggregating against a view with empty search pipeline
An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...
CVE-2026-32573 WordPress Nelio AB Testing plugin <= 8.2.7 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...
WordPress Nelio AB Testing plugin <= 8.2.7 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by daroo in WordPress Plugin Nelio AB Testing versions = 8.2.7...
CVE-2026-28276
creationtimestamp| type| source ---|---|--- 2026-02-27 07:01:36+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mft5bgfs4b2n 2026-02-27 23:20:10+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfutx7zcfx2w...
CVE-2025-60201
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in aguilatechnologies WP Customer Area customer-area allows PHP Local File Inclusion.This issue affects WP Customer Area: from n/a through = 8.3.5...
CVE-2025-30827
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saleswonder Team: Tobias WP2LEADS wp2leads allows Reflected XSS.This issue affects WP2LEADS: from n/a through = 3.4.5...
CVE-2024-8207
creationtimestamp| type| source ---|---|--- 2024-08-27 14:53:13+00:00| seen| https://t.me/cvedetector/4240 2025-05-16 23:35:53+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16764...
WordPress Plugin Rextheme WP VR – 360 Panorama and Virtual Tour Builde 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress Plugin Rextheme ...
PT-2023-20261 · WordPress · Rextheme Wp Vr – 360 Panorama/Virtual Tour Builder
Name of the Vulnerable Software and Affected Versions: Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin versions = 8.2.7 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user...
XSS vulnerability in phpok version 4.8.278
phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. An XSS vulnerability exists in phpok version 4.8.278. The vulnerability stems from insufficient filtering of URL jump parameters, which can be exploited by attackers to obtain...