224023 matches found
CVE-2026-48964 WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.6 - SQL Injection vulnerability
Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System = 3.3.6 versions...
CVE-2026-48889 WordPress Amelia plugin <= 2.3 - Privilege Escalation vulnerability
Subscriber Privilege Escalation in Amelia = 2.3 versions...
CVE-2026-48887 WordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...
CVE-2026-48887 WordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...
CVE-2026-48889 WordPress Amelia plugin <= 2.3 - Privilege Escalation vulnerability
Subscriber Privilege Escalation in Amelia = 2.3 versions...
CVE-2026-48889
The CVE-2026-48889 entry concerns the WordPress Amelia plugin (versions <= 2.3) with a privilege escalation vulnerability affecting subscribers. The attached metrics indicate a high severity (CVSS v3.1 base score 8.8) with network attack vector, low attack complexity, and privileges required a...
CVE-2026-48886 WordPress JS Help Desk plugin <= 3.0.9 - SQL Injection vulnerability
Unauthenticated SQL Injection in JS Help Desk = 3.0.9 versions...
CVE-2026-48886 WordPress JS Help Desk plugin <= 3.0.9 - SQL Injection vulnerability
Unauthenticated SQL Injection in JS Help Desk = 3.0.9 versions...
CVE-2026-48886
The CVE-2026-48886 entry describes an unauthenticated SQL Injection in WordPress JS Help Desk plugin versions
CVE-2026-48885 WordPress HollerBox plugin <= 2.3.10.1 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in HollerBox = 2.3.10.1 versions...
CVE-2026-48885 WordPress HollerBox plugin <= 2.3.10.1 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in HollerBox = 2.3.10.1 versions...
CVE-2026-48885
CVE-2026-48885 concerns a Cross-Site Scripting (XSS) vulnerability in the WordPress HollerBox plugin for versions ≤ 2.3.10.1. The issue is described as unauthenticated XSS. The PatchStack entry assigns a CVSS v3.1 base score of 7.1 (HIGH), with network attack vector, no privileges required, user ...
CVE-2026-48882 WordPress WP Time Slots Booking Form plugin <= 1.2.50 - SQL Injection vulnerability
Subscriber SQL Injection in WP Time Slots Booking Form = 1.2.50 versions...
CVE-2026-48881 WordPress TrueBooker plugin <= 1.1.9 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in TrueBooker = 1.1.9 versions...
CVE-2026-48882 WordPress WP Time Slots Booking Form plugin <= 1.2.50 - SQL Injection vulnerability
Subscriber SQL Injection in WP Time Slots Booking Form = 1.2.50 versions...
CVE-2026-48881
Summary: CVE-2026-48881 affects the WordPress TrueBooker plugin (
CVE-2026-48880 WordPress WP Job Portal plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in WP Job Portal = 2.5.2 versions...
CVE-2026-48880
WP Job Portal (WordPress) plugin
CVE-2026-48874
The CVE documents an SQL Injection in WordPress GamiPress plugin versions
CVE-2026-48874 WordPress GamiPress plugin <= 7.8.7 - SQL Injection vulnerability
Subscriber SQL Injection in GamiPress = 7.8.7 versions...