CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

22464 matches found

CVE•added 2026/06/15 8:19 p.m.•12 views

CVE-2026-52697

CVE-2026-52697 affects the WordPress Taskbuilder plugin (versions <= 5.0.7). The vulnerability is an SQL Injection in the Taskbuilder component, with CVSSv3.1 metrics indicating a high-severity issue (8.5) that is network-exploitable, requires low privileges, and does not require user interact...

8.5CVSS5.7AI score0.00349EPSS

Exploits0References1

EUVD•added 2026/06/15 8:19 p.m.•9 views

EUVD-2026-36897

Customer Privilege Escalation in Dokan = 5.0.2 versions...

8.8CVSS5.2AI score0.00283EPSS

Exploits0References1

Vulnrichment•added 2026/06/15 8:19 p.m.•6 views

CVE-2026-49780 WordPress Dokan plugin <= 5.0.2 - Privilege Escalation vulnerability

Customer Privilege Escalation in Dokan = 5.0.2 versions...

8.8CVSS5.2AI score0.00283EPSS

Exploits0References1

OSV•added 2026/06/15 8:19 p.m.•3 views

GHSA-MGF9-4VPG-HJ56 tornado AsyncHTTPClient accumulates decompressed chunks without size limit (gzip bomb)

Tornado's gzip decompression routines work in limited-size chunks, but have no overall limit for the total size of decompressed chunks that they will accumulate There has always been a limit for the total compressed size. This allows a malicious server to consume effectively unlimited amounts of...

7.5CVSS5.4AI score0.00052EPSS

Exploits0References2

Vulnrichment•added 2026/06/15 8:19 p.m.•5 views

CVE-2026-49083 WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability

Contributor Privilege Escalation in LatePoint = 5.5.1 versions...

7.5CVSS5.2AI score0.00313EPSS

Exploits2References1

CVE•added 2026/06/15 8:19 p.m.•24 views

CVE-2026-49083

Summary: CVE-2026-49083 affects the WordPress LatePoint plugin and is a privilege-escalation vulnerability in versions ≤ 5.5.1. What’s affected: WordPress LatePoint plugin (versions up to and including 5.5.1). Impact (as per provided metrics): CVSS 3.1 base score 7.5 (High), with network attack v...

7.5CVSS5.2AI score0.00313EPSS

Exploits2References1

Vulnrichment•added 2026/06/15 8:19 p.m.•6 views

CVE-2026-49063 WordPress Listdom plugin <= 5.5.0 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in Listdom = 5.5.0 versions...

7.3CVSS5.2AI score0.00219EPSS

Exploits0References1

EUVD•added 2026/06/15 8:19 p.m.•5 views

EUVD-2026-36871

Unauthenticated Privilege Escalation in Listdom = 5.5.0 versions...

7.3CVSS5.2AI score0.00219EPSS

Exploits0References1

EUVD•added 2026/06/15 8:19 p.m.•6 views

EUVD-2026-36866

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

8.1CVSS5.2AI score0.00322EPSS

Exploits0References1

Vulnrichment•added 2026/06/15 8:19 p.m.•6 views

CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

8.1CVSS5.2AI score0.00322EPSS

Exploits0References1

EUVD•added 2026/06/15 8:19 p.m.•8 views

EUVD-2026-36855

Subscriber Cross Site Scripting XSS in WP Job Portal = 2.5.2 versions...

6.5CVSS5.1AI score0.00205EPSS

Exploits0References1

EUVD•added 2026/06/15 8:18 p.m.•6 views

EUVD-2026-36849

Unauthenticated Cross Site Scripting XSS in MW WP Form = 5.1.3 versions...

7.1CVSS5.1AI score0.00244EPSS

Exploits0References1

EUVD•added 2026/06/15 8:18 p.m.•5 views

EUVD-2026-36847

Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...

7.5CVSS5.2AI score0.00278EPSS

Exploits0References1

EUVD•added 2026/06/15 8:18 p.m.•4 views

EUVD-2026-36841

Unauthenticated SQL Injection in Realtyna Organic IDX plugin = 5.1.0 versions...

9.3CVSS5.7AI score0.00291EPSS

Exploits0References1

EUVD•added 2026/06/15 8:18 p.m.•6 views

EUVD-2026-36839

Unauthenticated Cross Site Scripting XSS in AutomatorWP = 5.7.2 versions...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

CVE•added 2026/06/15 8:18 p.m.•18 views

CVE-2026-42665

Summary (CVE-2026-42665): Unauthenticated SQL Injection in the WordPress plugin “WP Data Access” (versions

9.3CVSS5.7AI score0.00283EPSS

Exploits0References1

Vulnrichment•added 2026/06/15 8:18 p.m.•5 views

CVE-2026-42658 WordPress Classified Listing plugin <= 5.3.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

EUVD•added 2026/06/15 8:18 p.m.•6 views

EUVD-2026-36823

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

CVE•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-42658

The CVE-2026-42658 entry concerns the WordPress Classified Listing plugin, affected versions

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

Vulnrichment•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-42651 WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

6.3CVSS5.1AI score0.00242EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by