Lucene search
K

56118 matches found

RedhatCVE
RedhatCVE
added 4 days ago7 views

CVE-2026-59724

A flaw was found in Engine.IO. When Engine.IO servers have WebTransport enabled, a remote attacker can craft a session ID to resolve an inherited property of the clients object during WebTransport upgrade handling. This can lead to a TypeError, resulting in a denial of service DoS for the server...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References6
Circl
Circl
added 4 days ago6 views

CVE-2026-15330

creationtimestamp| type| source ---|---|--- 2026-07-10 09:57:40+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbv4pxta22y...

7.5CVSS6.1AI score0.00352EPSS
Exploits0References1
NVD
NVD
added 4 days ago5 views

CVE-2026-14475

The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

4.9CVSS0.00294EPSS
Exploits0References7
Chainguard
Chainguard
added 4 days ago10 views

GHSA-5QWX-4Q7J-HWM2 vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-azure, linux-gcp, linux-qemu-melange...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago7 views

GHSA-X6W2-JPMX-X267 vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago6 views

GHSA-RJCX-5J87-VP95 vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago7 views

GHSA-MCCM-G2CW-25J9 vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago5 views

GHSA-X454-5847-5CWH vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago5 views

GHSA-V598-MR98-5866 vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago6 views

CVE-2026-13785 vulnerabilities

Vulnerabilities for packages: chromium...

9.6CVSS6.1AI score0.00314EPSS
Exploits0
Wolfi
Wolfi
added 4 days ago5 views

GHSA-2M65-XXR3-MHCV vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago4 views

CVE-2026-14008 vulnerabilities

Vulnerabilities for packages: chromium...

6.5CVSS6.1AI score0.0025EPSS
Exploits0
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42844

The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

4.9CVSS6.1AI score0.00294EPSS
Exploits0References7
CVE
CVE
added 4 days ago6 views

CVE-2026-14475

The CVE-2026-14475 entry relates to the WordPress plugin “WPLP Cookie Consent” (GDPR/CCPA banner) with a SQL Injection vulnerability via the scan_id parameter in all versions up to 4.3.6. The root cause is insufficient escaping of the user-supplied parameter and inadequate preparation of the exis...

4.9CVSS6.1AI score0.00294EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-14475

The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

4.9CVSS6.1AI score0.00294EPSS
Exploits0References8
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-14475 Cookie Banner for GDPR / CCPA <= 4.3.6 - Authenticated (Administrator+) SQL Injection via 'scan_id' Parameter

The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

4.9CVSS0.00294EPSS
Exploits0References7
NVD
NVD
added 4 days ago7 views

CVE-2026-15284

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formpageid' parameter in versions up to, and including, 51.1.62 This is due to insufficient input sanitization in the addtosubmissions function, which applies sanitizetextfield which preserves...

6.4CVSS0.00307EPSS
Exploits0References10
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42798

The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to time-based SQL Injection via the ‘wpdevartid’ parameter in all versions up to, and including, 3.2.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...

5.9CVSS6AI score0.00346EPSS
Exploits0References4
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-42793

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formpageid' parameter in versions up to, and including, 51.1.62 This is due to insufficient input sanitization in the addtosubmissions function, which applies sanitizetextfield which preserves...

6.4CVSS6.1AI score0.00307EPSS
Exploits0References10
CVE
CVE
added 4 days ago6 views

CVE-2026-15284

The King Addons for Elementor plugin (WordPress) has a Stored Cross-Site Scripting vulnerability affecting versions up to 51.1.62 via the form_page_id parameter. The root cause is insufficient input sanitization in add_to_submissions() (sanitize_text_field() preserves quotes) combined with missin...

6.4CVSS6.1AI score0.00307EPSS
Exploits0References10
Rows per page
Query Builder