CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15869 matches found

CVE•added 2026/03/05 5:54 a.m.•16 views

CVE-2026-28100

CVE-2026-28100 is a reflected XSS in LambertGroup UberSlider PerpetuumMobile (uberSlider_perpetuummobile) affecting versions up to and including 2.3. The issue is caused by improper neutralization of input during web page generation. CVSS v3.1 base score 7.1 (High) with Network attack vector, no ...

7.1CVSS5.9AI score0.0018EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•27 views

CVE-2026-28071 WordPress pixfort Core plugin <= 3.2.22 - Broken Access Control vulnerability

Missing Authorization vulnerability in PixFort pixfort Core pixfort-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects pixfort Core: from n/a through = 3.2.22...

6.3CVSS0.00189EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•30 views

CVE-2026-28037 WordPress EventON plugin <= 4.9.12 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ashanjay EventON eventon allows Reflected XSS.This issue affects EventON: from n/a through = 4.9.12...

7.1CVSS0.0018EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•2 views

CVE-2026-27411 WordPress SiteGuard WP Plugin plugin <= 1.7.9 - Captcha Bypass vulnerability

Guessable CAPTCHA vulnerability in jp-secure SiteGuard WP Plugin siteguard allows Functionality Bypass.This issue affects SiteGuard WP Plugin: from n/a through = 1.7.9...

5.8AI score0.00187EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•3 views

CVE-2026-23802 WordPress AI Engine plugin <= 3.3.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files.This issue affects AI Engine: from n/a through = 3.3.2...

9.1CVSS5.8AI score0.00465EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•2 views

CVE-2025-69338 WordPress Riode Core plugin <= 1.6.26 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.This issue affects Riode Core: from n/a through = 1.6.26...

6AI score0.00383EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•3 views

WordPress plugin Wanderland 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.1CVSS5.8AI score0.00519EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•4 views

WordPress plugin Coleo 安全漏洞

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•3 views

WordPress plugin WowOptin: Next-Gen Popup Maker – Create Stunning Popups and Optins for Lead Generation 安全漏洞

8.8CVSS5.8AI score0.00276EPSS

Exploits0References3

CNNVD•added 2026/03/05 12:0 a.m.•6 views

WordPress plugin UberSlider PerpetuumMobile 安全漏洞

7.1CVSS5.6AI score0.0018EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•4 views

WordPress plugin Dr.Patterson 安全漏洞

8.1CVSS5.8AI score0.00327EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•6 views

WordPress plugin Motorix 安全漏洞

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•5 views

WordPress plugin Login with Salesforce 安全漏洞

9.1CVSS5.8AI score0.0024EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•6 views

WordPress plugin smart SEO 安全漏洞

8.1CVSS5.8AI score0.00327EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•5 views

WordPress plugin NextScripts 代码问题漏洞

8.8CVSS5.9AI score0.00355EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•6 views

WordPress plugin JetEngine 安全漏洞

8.5CVSS6.1AI score0.00234EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•8 views

WordPress plugin Site Suggest 安全漏洞

6.5CVSS5.8AI score0.00242EPSS

Exploits0References1

Cvelist•added 2026/03/04 9:24 a.m.•404 views

CVE-2023-7337 JS Help Desk – AI-Powered Support & Ticketing System 2.8.2 - Unauthenticated SQL Injection via 'js-support-ticket-token-tkstatus' Cookie

The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus' cookie in version 2.8.2 due to an incomplete fix for CVE-2023-50839 where a second sink was left with insufficient escaping on the user supplied...

7.5CVSS0.01317EPSS

Exploits0References2

ATTACKERKB•added 2026/03/04 8:23 a.m.•2 views

CVE-2026-1236

The Envira Gallery for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'justifiedgallerytheme' parameter in all versions up to, and including, 1.12.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS6AI score0.00193EPSS

Exploits0References5

Patchstack•added 2026/03/02 11:24 p.m.•7 views

WordPress Blocksy plugin <= 2.1.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via `blocksy_meta` Fields vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via blocksymeta Fields vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Theme Blocksy versions = 2.1.30...

6.4CVSS5.9AI score0.00194EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by