224023 matches found
EUVD-2026-36840
Unauthenticated Cross Site Scripting XSS in Product Filter Widget for Elementor = 1.0.6 versions...
CVE-2026-45437 WordPress Product Filter Widget for Elementor plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Product Filter Widget for Elementor = 1.0.6 versions...
CVE-2026-42775 WordPress AutomatorWP plugin <= 5.7.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in AutomatorWP = 5.7.2 versions...
CVE-2026-42752 WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability
Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...
CVE-2026-42752 WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability
Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...
CVE-2026-42752
The CVE-2026-42752 entry concerns the WordPress Stripe Payments plugin (versions up to 2.0.98). It describes an unauthenticated bypass vulnerability in Stripe Payments
CVE-2026-42775
The CVE-2026-42775 issue affects the WordPress plugin AutomatorWP (versions ≤ 5.7.2). It is an unauthenticated Cross Site Scripting (XSS) vulnerability in AutomatorWP ≤ 5.7.2. The provided data lists a CVSS v3.1 base score of 7.1 (High) with network attack vector, no privileges required, and user...
CVE-2026-42775 WordPress AutomatorWP plugin <= 5.7.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in AutomatorWP = 5.7.2 versions...
CVE-2026-42743
The CVE concerns WordPress Masteriyo LMS plugin versions ≤ 2.1.8 with an Unauthenticated Broken Authentication vulnerability. Impact is described as low confidentiality and integrity (CVSS v3.1: 6.5, MEDIUM). The issue is in Masteriyo-LMS prior to or at 2.1.8, enabling access without authenticati...
CVE-2026-42743 WordPress Masteriyo - LMS plugin <= 2.1.8 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Masteriyo - LMS = 2.1.8 versions...
CVE-2026-42743 WordPress Masteriyo - LMS plugin <= 2.1.8 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Masteriyo - LMS = 2.1.8 versions...
CVE-2026-42688 WordPress Modula Image Gallery plugin <= 2.14.23 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in Modula Image Gallery = 2.14.23 versions...
CVE-2026-42687 WordPress EventPrime plugin <= 4.3.2.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in EventPrime = 4.3.2.1 versions...
CVE-2026-42687
The CVE-2026-42687 entry concerns the WordPress EventPrime plugin (versions ≤ 4.3.2.1). It describes an unauthenticated PHP Object Injection vulnerability in EventPrime, with a CVSS v3.1 base score of 8.1 (HIGH) and a network attack vector, no user interaction, and high impact on confidentiality,...
CVE-2026-42686 WordPress EventPrime plugin <= 4.3.2.1 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in EventPrime = 4.3.2.1 versions...
CVE-2026-42686 WordPress EventPrime plugin <= 4.3.2.1 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in EventPrime = 4.3.2.1 versions...
CVE-2026-42668 WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.18.0 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend = 1.18.0 versions...
CVE-2026-42686
WordPress EventPrime plugin
CVE-2026-42668 WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.18.0 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend = 1.18.0 versions...
CVE-2026-42667
The CVE details an unauthenticated sensitive data exposure in the WordPress Bookly plugin, version