CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2026/03/26 3:12 p.m.•2 views

CVE-2026-3572

The iTracker360 plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Stored Cross-Site Scripting in all versions up to and including 2.2.0. This is due to missing nonce verification on the settings form submission and insufficient input sanitization combined with missing...

6.1CVSS5.9AI score0.00043EPSS

Exploits0References1

EUVD•added 2026/03/21 12:31 a.m.•0 views

EUVD-2026-13925

6.1CVSS5.9AI score0.00043EPSS

Exploits0References8

NVD•added 2026/03/21 12:16 a.m.•0 views

CVE-2026-3572

6.1CVSS0.00043EPSS

Exploits0References7

CNNVD•added 2026/03/21 12:0 a.m.•2 views

WordPress plugin iTracker360 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.1CVSS5.7AI score0.00043EPSS

Exploits0References7

Cvelist•added 2026/03/20 11:25 p.m.•27 views

CVE-2026-3572 iTracker360 <= 2.2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'itracker_license' Settings Field

6.1CVSS0.00043EPSS

Exploits0References7

CVE•added 2026/03/20 11:25 p.m.•8 views

CVE-2026-3572

The CVE-2026-3572 entry concerns the iTracker360 WordPress plugin (versions up to 2.2.0). It describes a vulnerability where Cross-Site Request Forgery can lead to Stored Cross-Site Scripting via the itracker_license settings field. Root cause is missing nonce verification on settings form submis...

6.1CVSS5.9AI score0.00043EPSS

Exploits0References7

ATTACKERKB•added 2026/03/20 11:25 p.m.•0 views

CVE-2026-3572

6.1CVSS5.9AI score0.00043EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by