211 matches found
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 25, 2026 to May 31, 2026)
Last week, there were 278 vulnerabilities disclosed in 185 WordPress Plugins and 70 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 94 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...
RLSA-2026:20693 Moderate: mysql8.4 security update
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fixes: mysql:...
PT-2026-46340
Unauthenticated Local File Inclusion in Especio = 1.0 versions...
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 4, 2026 to May 10, 2026)
Last week, there were 78 vulnerabilities disclosed in 62 WordPress Plugins and 2 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 59 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities i...
EUVD-2026-24688
The Breaking News WP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3. This is due to the brnwpajaxform AJAX endpoint lacking both authorization checks and CSRF verification, combined with insufficient path validation when the brnwptheme option...
CLEANSTART-2026-UQ68343 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Multiple security vulnerabilities affect the kyverno-policy-reporter-kyverno-plugin-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerabili...
EUVD-2024-47006
The Easy Image Collage plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajaximagecollage function in all versions up to, and including, 1.13.5. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
WordPress plugin Simple Blog Card code issue vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
RockyLinux 9 : containernetworking-plugins (RLSA-2026:3341)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3341 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...
WordPress plugin Secure Copy Content Protection and Content Locking security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin WPO365 has code-related vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...
CVE-2023-4281
This Activity Log WordPress plugin before 2.8.8 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic...
CVE-2016-10762
The CampTix Event Ticketing plugin before 1.5 for WordPress allows CSV injection when the export tool is used...
CVE-2016-10897
The sermon-browser plugin before 0.45.16 for WordPress has multiple XSS issues...
CVE-2017-18565
The updater plugin before 1.35 for WordPress has multiple XSS issues...
CVE-2017-18608
The spotim-comments plugin before 4.0.4 for WordPress has multiple XSS issues...
CVE-2017-18586
The insert-pages plugin before 3.2.4 for WordPress has directory traversal via custom template paths...
CVE-2017-18502
The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues...
CVE-2017-18492
The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues...
CVE-2017-18564
The sender plugin before 1.2.1 for WordPress has multiple XSS issues...