CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added last week•13 views

CVE-2026-39438

CVE-2026-39438 : Unauthenticated SQL Injection in the WordPress ListingPro plugin (versions

9.3CVSS5.7AI score0.00372EPSS

Cvelist•added last week•26 views

CVE-2026-39438 WordPress ListingPro plugin <= 2.9.10 - SQL Injection vulnerability

Unauthenticated SQL Injection in ListingPro = 2.9.10 versions...

9.3CVSS0.00372EPSS

Positive Technologies•added 2026/06/16 12:0 a.m.•5 views

PT-2026-50093

Unauthenticated SQL Injection in ListingPro = 2.9.10 versions...

9.3CVSS5.8AI score0.00372EPSS

VulnCheck KEV•added 2026/05/04 12:0 a.m.•5 views

VulnCheck KEV: CVE-2025-64377

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CridioStudio ListingPro listingpro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.10...

8.1CVSS5.8AI score0.00344EPSS

In wildExploits0References2

Patchstack•added 2026/04/21 2:25 p.m.•3 views

WordPress ListingPro plugin <= 2.9.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO in WordPress Plugin ListingPro versions = 2.9.10...

5.8AI score0.00372EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/03/06 7:54 a.m.•5 views

CVE-2026-28122

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro listingpro-plugin allows Reflected XSS.This issue affects ListingPro: from n/a through = 2.9.8...

7.1CVSS5.8AI score0.00146EPSS

EUVD•added 2026/03/05 6:30 a.m.•3 views

EUVD-2026-9774

NVD•added 2026/03/05 6:16 a.m.•7 views

CVE-2026-28122

7.1CVSS0.00146EPSS

CVE•added 2026/03/05 5:54 a.m.•10 views

CVE-2026-28122

CVE-2026-28122 is a Reflected Cross-Site Scripting vulnerability in the ListingPro WordPress plugin (ListingPro plugin) affecting versions up to 2.9.8. The issue arises from Improper Neutralization of Input During Web Page Generation, allowing an attacker to inject and execute script in a victim’...

ATTACKERKB•added 2026/03/05 5:54 a.m.•5 views

CVE-2026-28122

5.9AI score0.00146EPSS

Vulnrichment•added 2026/03/05 5:54 a.m.•4 views

CVE-2026-28122 WordPress ListingPro plugin <= 2.9.8 - Reflected Cross Site Scripting (XSS) vulnerability

Cvelist•added 2026/03/05 5:54 a.m.•30 views

CVE-2026-28122 WordPress ListingPro plugin <= 2.9.8 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00146EPSS

Positive Technologies•added 2026/03/05 12:0 a.m.•4 views

PT-2026-23394

5.9AI score0.00146EPSS

CNNVD•added 2026/03/05 12:0 a.m.•5 views

WordPress plugin ListingPro 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.6AI score0.00146EPSS

Patchstack•added 2026/02/26 10:40 a.m.•6 views

WordPress ListingPro plugin <= 2.9.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin ListingPro versions = 2.9.8...

Exploits0Affected Software1

RedhatCVE•added 2026/01/23 9:17 p.m.•7 views

CVE-2025-69051

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Reflected XSS.This issue affects ListingPro Reviews: from n/a through 2.9.11...

7.1CVSS5.9AI score0.00228EPSS

NVD•added 2026/01/22 5:16 p.m.•3 views

CVE-2025-69051

7.1CVSS0.00228EPSS