95 matches found
WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting
WordPress Essential Real Estate plugin before 3.9.6 contains an authenticated cross-site scripting vulnerability. The plugin does not sanitize and escape some parameters, which can allow someone with a role as low as admin to inject arbitrary script in the browser of an unsuspecting user in the...
CVE-2026-39714
Missing Authorization vulnerability in G5Theme G5Plus April g5plus-april allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects G5Plus April: from n/a through = 6.8...
CVE-2026-39668
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
EUVD-2026-20425
Missing Authorization vulnerability in G5Theme G5Plus April g5plus-april allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects G5Plus April: from n/a through = 6.8...
EUVD-2026-20342
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
CVE-2026-39714
Missing Authorization vulnerability in G5Theme G5Plus April g5plus-april allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects G5Plus April: from n/a through = 6.8...
CVE-2026-39668
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
CVE-2026-39714
Missing Authorization vulnerability in G5Theme G5Plus April g5plus-april allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects G5Plus April: from n/a through = 6.8...
PT-2026-31230
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
CVE-2026-27088
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Darna Framework darna-framework allows Reflected XSS.This issue affects Darna Framework: from n/a through = 2.9...
CVE-2026-27087
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Wolverine Framework wolverine-framework allows Reflected XSS.This issue affects Wolverine Framework: from n/a through = 1.9...
CVE-2026-22520
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Handmade Framework handmade-framework allows Reflected XSS.This issue affects Handmade Framework: from n/a through = 3.9...
EUVD-2026-15797
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Wolverine Framework wolverine-framework allows Reflected XSS.This issue affects Wolverine Framework: from n/a through = 1.9...
EUVD-2026-15800
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Darna Framework darna-framework allows Reflected XSS.This issue affects Darna Framework: from n/a through = 2.9...
EUVD-2025-208997
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Zorka zorka allows Reflected XSS.This issue affects Zorka: from n/a through = 1.5.7...
CVE-2026-27087
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Wolverine Framework wolverine-framework allows Reflected XSS.This issue affects Wolverine Framework: from n/a through = 1.9...
CVE-2026-22520
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Handmade Framework handmade-framework allows Reflected XSS.This issue affects Handmade Framework: from n/a through = 3.9...
CVE-2026-27087
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Wolverine Framework wolverine-framework allows Reflected XSS.This issue affects Wolverine Framework: from n/a through = 1.9...
PT-2026-27838
Name of the Vulnerable Software and Affected Versions G5Theme Handmade Framework versions through 3.9 Description The software contains a flaw related to improper input handling during web page creation, leading to a Reflected Cross-Site Scripting XSS condition. This allows an attacker to inject...
PT-2026-27985
Name of the Vulnerable Software and Affected Versions G5Theme Darna Framework versions through 2.9 Description The Darna Framework contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting XSS condition. This allows for the...