CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

92986 matches found

Cvelist•added 2026/03/05 12:26 p.m.•33 views

CVE-2026-2599 Database for Contact Form 7, WPforms, Elementor forms <= 1.4.7 - Unauthenticated PHP Object Injection via 'download_csv'

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.7 via deserialization of untrusted input in the 'downloadcsv' function. This makes it possible for unauthenticated attackers to inject a P...

9.8CVSS0.0021EPSS

Exploits0References4

Vulnrichment•added 2026/03/05 12:26 p.m.•3 views

CVE-2026-2599 Database for Contact Form 7, WPforms, Elementor forms <= 1.4.7 - Unauthenticated PHP Object Injection via 'download_csv'

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.7 via deserialization of untrusted input in the 'downloadcsv' function. This makes it possible for unauthenticated attackers to inject a P...

9.8CVSS6AI score0.0021EPSS

Exploits0References4

Patchstack•added 2026/03/05 11:42 a.m.•4 views

WordPress Morning Records theme <= 1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Morning Records versions = 1.2...

5.8AI score0.00061EPSS

Exploits0Affected Software1

Patchstack•added 2026/03/05 10:25 a.m.•3 views

WordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Mrreee in WordPress Plugin Product Feed for WooCommerce versions = 2.3.3...

5.8AI score0.00066EPSS

Exploits0Affected Software1

Patchstack•added 2026/03/05 10:2 a.m.•3 views

WordPress Bus Ticket Booking with Seat Reservation plugin <= 5.6.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Bus Ticket Booking with Seat Reservation versions = 5.6.0...

5.8AI score0.00061EPSS

Exploits0Affected Software1

EUVD•added 2026/03/05 6:30 a.m.•4 views

EUVD-2026-9780

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through = 1.7.0...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•1 views

EUVD-2026-9776

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Notarius notarius allows PHP Local File Inclusion.This issue affects Notarius: from n/a through = 1.9...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•2 views

EUVD-2026-9769

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes smart SEO smartSEO allows PHP Local File Inclusion.This issue affects smart SEO: from n/a through = 2.9...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•2 views

EUVD-2026-9751

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX WealthCo wealthco allows PHP Local File Inclusion.This issue affects WealthCo: from n/a through = 2.18...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•3 views

EUVD-2026-9741

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Run Gran run-gran allows PHP Local File Inclusion.This issue affects Run Gran: from n/a through = 2.0...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•3 views

EUVD-2026-9747

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Sounder sounder allows PHP Local File Inclusion.This issue affects Sounder: from n/a through = 1.3.11...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•3 views

EUVD-2026-9735

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Vapester vapester allows PHP Local File Inclusion.This issue affects Vapester: from n/a through = 1.1.10...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•3 views

EUVD-2026-9750

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Marcell marcell allows PHP Local File Inclusion.This issue affects Marcell: from n/a through = 1.2.14...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•2 views

EUVD-2026-9696

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Progress progress allows PHP Local File Inclusion.This issue affects Progress: from n/a through = 1.2...

5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•3 views

EUVD-2026-9721

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Tiger Claw tiger-claw allows PHP Local File Inclusion.This issue affects Tiger Claw: from n/a through = 1.1.14...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•1 views

EUVD-2026-9713

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Miller christine-miller allows PHP Local File Inclusion.This issue affects Miller: from n/a through = 1.3.3...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•1 views

EUVD-2026-9689

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Kayon kayon allows PHP Local File Inclusion.This issue affects Kayon: from n/a through = 1.3...

5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•2 views

EUVD-2026-9694

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Tuning tuning allows PHP Local File Inclusion.This issue affects Tuning: from n/a through = 1.3...

5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•0 views

EUVD-2026-9725

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Eject eject allows PHP Local File Inclusion.This issue affects Eject: from n/a through = 2.17...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•2 views

EUVD-2026-9704

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Healer - Doctor, Clinic & Medical WordPress Theme healer allows PHP Local File Inclusion.This issue affects Healer - Doctor, Clinic & Medical WordPress Theme: from n/a...

5.9AI score0.00172EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by