CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/02/12 2:23 a.m.•14 views

CVE-2026-1537

CVE-2026-1537 pertains to the WordPress plugin LatePoint – Calendar Booking Plugin for Appointments and Events. The vulnerability is an missing authorization to booking details exposure in all versions up to and including 5.2.6, enabling unauthenticated attackers to view sensitive booking data (c...

ATTACKERKB•added 2026/02/12 2:23 a.m.•1 views

CVE-2026-1537

Vulnrichment•added 2026/02/12 2:23 a.m.•3 views

CVE-2026-1537 LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.6 - Missing Authorization to Booking Details Exposure

CNNVD•added 2026/02/12 12:0 a.m.•2 views

Centova Cast 安全漏洞

Centova Cast is an internet-based broadcast streaming media management control panel developed by Centova Corporation in Canada. Version 3.2.12 of Centova Cast contains a security vulnerability. This vulnerability stems from the repeated invocation of the database export API endpoint, which could...

7.5CVSS5.8AI score0.00069EPSS

CNNVD•added 2026/02/12 12:0 a.m.•2 views

HAProxy 安全漏洞

HAProxy is an open-source TCP/HTTP load balancing server developed by the French company HAProxy. This server provides layer-4 and layer-7 proxy services and can support tens of thousands of connections. It features efficiency and stability. However, HAProxy has security vulnerabilities,...

5.8AI score

Exploits0References1

Positive Technologies•added 2026/02/12 12:0 a.m.•1 views

PT-2026-7813

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the load step function in all versions up to, and including, 5.2.6. This makes it possible for unauthenticated attackers to vi...

NVD•added 2026/02/11 11:16 p.m.•3 views

CVE-2026-20673

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Turning off "Load remote content in messages” may not apply to all mail previews...

5.3CVSS0.00015EPSS

OSV•added 2026/02/11 11:16 p.m.•1 views

CVE-2026-20673

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. Turning off "Load remote content in messages” may not apply to all mail previews...

5.3CVSS5.8AI score0.00015EPSS

ATTACKERKB•added 2026/02/11 10:58 p.m.•5 views

CVE-2026-20673

5.3CVSS5.9AI score0.00015EPSS

Exploits0References5

EUVD•added 2026/02/11 10:58 p.m.•3 views

EUVD-2026-5922

5.3CVSS5.5AI score0.00015EPSS

Snyk•added 2026/02/11 6:55 p.m.•4 views

Deserialization of Untrusted Data

Overview diskcache is a Disk Cache -- Disk and file backed persistent cache. Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the unsafe use of the pickle.load function in the Cache class. An attacker can execute arbitrary code by writing malicious data...

9.8CVSS6.2AI score0.00041EPSS

Exploits1References2

Cvelist•added 2026/02/11 9:27 a.m.•21 views

CVE-2026-2295 WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more

The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxpostgridloadmore' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attacker...

5.3CVSS0.00018EPSS

ATTACKERKB•added 2026/02/11 9:27 a.m.•3 views

CVE-2026-2295

CVE•added 2026/02/11 9:27 a.m.•14 views

CVE-2026-2295

CVE-2026-2295 affects the WordPress plugin “WPZOOM Addons for Elementor – Starter Templates & Widgets” up to version 1.3.2, exposing protected post titles and excerpts via an unauthenticated request to ajax_post_grid_load_more due to a missing capability check. Multiple sources (Wordfence, CVE en...

Vulnrichment•added 2026/02/11 9:27 a.m.•4 views

CVE-2026-2295 WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more

RedhatCVE•added 2026/02/11 7:30 a.m.•2 views

CVE-2026-2099

AgentFlow developed by Flowring has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

5.4CVSS5.5AI score0.00053EPSS

Exploits0References1

Positive Technologies•added 2026/02/11 12:0 a.m.•5 views

PT-2026-7511

The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajax post grid load more' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated...

Patchstack•added 2026/02/10 11:27 p.m.•4 views

WordPress WPZOOM Addons for Elementor - Starter Templates & Widgets plugin <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more vulnerability

WordPress WPZOOM Addons for Elementor - Starter Templates & Widgets plugin = 1.3.2 - Unauthenticated Protected Post Exposure via ajaxpostgridloadmore vulnerability discovered by Webbernaut in WordPress Plugin WPZOOM Addons for Elementor versions = 1.3.2...