Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

225091 matches found

Vulnrichment
Vulnrichmentadded 2026/05/25 10:18 p.m.9 views

CVE-2026-45438 WordPress Smart Coupons for WooCommerce plugin < 2.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WebToffee Smart Coupons for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Smart Coupons for WooCommerce: from n/a before 2.3.0...

7.5CVSS5.8AI score0.00289EPSS
Exploits0References1
NVD
NVDadded 2026/05/25 10:16 p.m.9 views

CVE-2026-27346

Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B2BKing: from n/a before 5.2.10...

4.9CVSS0.00254EPSS
Exploits0References1
NVD
NVDadded 2026/05/25 10:16 p.m.10 views

CVE-2026-27398

Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from n/a through 2.7.16...

5.3CVSS0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/25 10:15 p.m.9 views

CVE-2026-39436 WordPress CformsII plugin <= 15.1.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in bgermann CformsII allows Cross Site Request Forgery. This issue affects CformsII: from n/a through 15.1.3...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/25 10:15 p.m.20 views

CVE-2026-39436 WordPress CformsII plugin <= 15.1.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in bgermann CformsII allows Cross Site Request Forgery. This issue affects CformsII: from n/a through 15.1.3...

7.1CVSS0.00131EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/25 10:13 p.m.8 views

CVE-2026-24937 WordPress Broadcast Live Video plugin < 7.1.3 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3...

7.2CVSS5.8AI score0.00408EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/25 10:5 p.m.9 views

CVE-2026-48837 WordPress Unlimited Elements For Elementor plugin <= 2.0.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8...

8.5CVSS5.8AI score0.00373EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/25 10:5 p.m.11 views

EUVD-2026-31759

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8...

8.5CVSS5.8AI score0.00373EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/25 10:5 p.m.16 views

CVE-2026-48837

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8...

8.5CVSS5.8AI score0.00373EPSS
Exploits0References2
CVE
CVEadded 2026/05/25 10:5 p.m.38 views

CVE-2026-48837

CVE-2026-48837: SQL Injection in WordPress plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates)

8.5CVSS5.8AI score0.00373EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/25 10:5 p.m.23 views

CVE-2026-48837 WordPress Unlimited Elements For Elementor plugin <= 2.0.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8...

8.5CVSS0.00373EPSS
Exploits0References1
CVE
CVEadded 2026/05/25 9:59 p.m.21 views

CVE-2026-27357

CVE-2026-27357 – WordPress WP Search Analytics plugin (

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/05/25 9:58 p.m.11 views

WordPress WP Search Analytics plugin < 1.5.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WP Search Analytics versions 1.5.0...

5.3CVSS5.8AI score0.00231EPSS
Exploits0Affected Software1
CVE
CVEadded 2026/05/25 9:56 p.m.23 views

CVE-2026-27398

The CVE-2026-27398 entry describes a Missing Authorization vulnerability in the WordPress RSVP and Event Management plugin, affecting versions up to 2.7.16. The issue is classified as a Broken Access Control vulnerability with insecure access configuration allowing exploitation without user inter...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/25 9:56 p.m.19 views

CVE-2026-27398 WordPress RSVP and Event Management plugin <= 2.7.16 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from n/a through 2.7.16...

5.3CVSS0.00231EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/25 9:54 p.m.5 views

CVE-2026-27346

Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B2BKing: from n/a before 5.2.10...

4.9CVSS5.8AI score0.00254EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/25 9:54 p.m.19 views

CVE-2026-27346 WordPress B2BKing plugin < 5.2.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B2BKing: from n/a before 5.2.10...

4.9CVSS0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/25 9:41 p.m.8 views

CVE-2026-24554 WordPress WPSubscription plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Convers Lab WPSubscription allows Cross Site Request Forgery. This issue affects WPSubscription: from n/a through 1.9.1...

4.3CVSS5.8AI score0.00122EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/25 9:41 p.m.20 views

CVE-2026-24554 WordPress WPSubscription plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Convers Lab WPSubscription allows Cross Site Request Forgery. This issue affects WPSubscription: from n/a through 1.9.1...

4.3CVSS0.00122EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/25 9:40 p.m.25 views

CVE-2026-24527 WordPress Autoship Cloud for WooCommerce Subscription Products plugin <= 2.14.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Patterns in the cloud Autoship Cloud for WooCommerce Subscription Products allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Autoship Cloud for WooCommerce Subscription Products: from n/a through 2.14.0...

4.3CVSS0.002EPSS
Exploits0References1
Rows per page
Query Builder