225059 matches found
CVE-2026-42774
CVE-2026-42774 affects WordPress JetEngine plugin
CVE-2026-42776 WordPress Sunshine Photo Cart plugin <= 3.6.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sunshine Photo Cart: from n/a through 3.6.7...
EUVD-2026-31750
Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sunshine Photo Cart: from n/a through 3.6.7...
CVE-2026-42776
The CVE concerns WordPress Sunshine Photo Cart plugin
CVE-2026-45209 WordPress MyCryptoCheckout plugin <= 2.161 - Broken Access Control vulnerability
Missing Authorization vulnerability in edwardplainview MyCryptoCheckout allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MyCryptoCheckout: from n/a through 2.161...
CVE-2026-45209 WordPress MyCryptoCheckout plugin <= 2.161 - Broken Access Control vulnerability
Missing Authorization vulnerability in edwardplainview MyCryptoCheckout allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MyCryptoCheckout: from n/a through 2.161...
CVE-2026-45216 WordPress Smart Manager plugin <= 8.85.0 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in StoreApps Smart Manager allows Privilege Escalation. This issue affects Smart Manager: from n/a through 8.85.0...
CVE-2026-45216
CVE-2026-45216 affects WordPress Smart Manager plugin (
CVE-2026-45217 WordPress Stripe Payment Gateway for WooCommerce plugin <= 5.0.7 - Broken Authentication vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation. This issue affects Stripe Payment Gateway for WooCommerce: from n/a through 5.0.7...
CVE-2026-45217
CVE-2026-45217 concerns the WordPress Stripe Payment Gateway for WooCommerce plugin (≤ 5.0.7). Connected sources describe a Broken Authentication vulnerability allowing an Authentication Bypass via an alternate path or channel, enabling Password Recovery Exploitation. Affected component is the St...
CVE-2026-45438 WordPress Smart Coupons for WooCommerce plugin < 2.3.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebToffee Smart Coupons for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Smart Coupons for WooCommerce: from n/a before 2.3.0...
CVE-2026-27346
Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B2BKing: from n/a before 5.2.10...
CVE-2026-27398
Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from n/a through 2.7.16...
CVE-2026-39436 WordPress CformsII plugin <= 15.1.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in bgermann CformsII allows Cross Site Request Forgery. This issue affects CformsII: from n/a through 15.1.3...
CVE-2026-39436 WordPress CformsII plugin <= 15.1.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in bgermann CformsII allows Cross Site Request Forgery. This issue affects CformsII: from n/a through 15.1.3...
CVE-2026-24937 WordPress Broadcast Live Video plugin < 7.1.3 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3...
EUVD-2026-31759
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8...
CVE-2026-48837 WordPress Unlimited Elements For Elementor plugin <= 2.0.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8...
CVE-2026-48837
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8...
CVE-2026-48837
CVE-2026-48837: SQL Injection in WordPress plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates)