CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6150 matches found

CVE•added 3 days ago•12 views

CVE-2026-8613

The CVE-2026-8613 entry concerns the WordPress plugin aThemes Addons for Elementor (

6.4CVSS5.7AI score0.00042EPSS

Exploits0References8

EUVD•added 3 days ago•6 views

EUVD-2026-35996

The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'titletag' Widget Setting in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.7AI score0.00042EPSS

Exploits0References8

Circl•added 3 days ago•9 views

CVE-2026-11837

creationtimestamp| type| source ---|---|--- 2026-06-10 06:00:45+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mnvzvhfhhz25 2026-06-10 06:00:51+00:00| seen| https://infosec.exchange/users/offseq/statuses/116724284473192022 2026-06-10 08:41:51+00:00| seen|...

7.3CVSS5.3AI score0.00021EPSS

Exploits0References3

Circl•added 3 days ago•6 views

CVE-2026-53673

creationtimestamp| type| source ---|---|--- 2026-06-10 01:00:29+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnvj4j6dmr2v 2026-06-10 01:37:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnvl5ug2g62m...

8.6CVSS5.3AI score0.00022EPSS

Exploits0References2

Circl•added 3 days ago•5 views

CVE-2026-46518

creationtimestamp| type| source ---|---|--- 2026-06-10 01:00:03+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnvj3po4ik2r 2026-06-10 02:00:39+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnvmi3n2fb2n...

8.7CVSS5.3AI score0.0004EPSS

Exploits1References2

Circl•added 3 days ago•6 views

CVE-2026-34183

creationtimestamp| type| source ---|---|--- 2026-06-10 00:01:48+00:00| seen| https://bsky.app/profile/slackers.it/post/3mnvftkqgtb2f 2026-06-10 00:01:53+00:00| seen| https://bsky.app/profile/slackers.it/post/3mnvftlx3qx2t 2026-06-10 20:00:00+00:00| seen|...

7.5CVSS5.3AI score0.00038EPSS

Exploits0References3

Positive Technologies•added 3 days ago•5 views

PT-2026-48552

Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation in the cdp action handling AJAX handler. Attackers with an enabled role can delete posts or overwrite plugin settings via the f parameter, bypassing per-function capability checks...

8.1CVSS5.4AI score0.00036EPSS

Exploits0References3

Positive Technologies•added 3 days ago•7 views

PT-2026-48392

The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'title tag' Widget Setting in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.7AI score0.00042EPSS

Exploits0References9

Circl•added 4 days ago•6 views

CVE-2026-7473

creationtimestamp| type| source ---|---|--- 2026-06-09 18:00:32+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8b1e6079-9ba4-4edb-bc5e-097b92ce08d1 2026-06-09 18:11:55+00:00| seen| https://infosec.exchange/users/AAKL/statuses/116721479487661795 2026-06-09...

6.9CVSS5.3AI score0.2722EPSS

Exploits1References5

Circl•added 4 days ago•7 views

CVE-2026-24181

creationtimestamp| type| source ---|---|--- 2026-06-09 17:16:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnup5oegg42v 2026-06-09 18:16:15+00:00| seen| https://infosec.exchange/users/AAKL/statuses/116721479487661795...

7.3CVSS5.3AI score0.00011EPSS

Exploits0References2

Circl•added 4 days ago•6 views

CVE-2026-45657

creationtimestamp| type| source ---|---|--- 2026-06-09 15:44:28+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0181 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review 2026-06-09 18:45:12+00:00| seen|...

9.8CVSS5.4AI score0.00137EPSS

Exploits0References24

Circl•added 4 days ago•6 views

CVE-2026-50507

6.8CVSS5.6AI score0.00099EPSS

Exploits0References15

Circl•added 4 days ago•5 views

CVE-2026-42489

creationtimestamp| type| source ---|---|--- 2026-06-09 13:32:26+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mnucoaa2ss26 2026-06-09 13:41:01+00:00| seen| https://infosec.exchange/users/andersonc0d3/statuses/116720431315436112 2026-06-10 04:24:52+00:00| seen|...

5.3AI score

Exploits0References3

NVD•added 4 days ago•7 views

CVE-2017-20251

WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes through the WordPress REST API. Attackers can send POST requests to the wp-json/wp/v2/posts endpoint...

9.8CVSS0.00068EPSS

Exploits1References3

Circl•added 4 days ago•7 views

CVE-2026-41031

creationtimestamp| type| source ---|---|--- 2026-06-09 12:00:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnu5ju3mrd2l 2026-06-09 12:07:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnu5wos3ls2h...

9.3CVSS5.3AI score0.00041EPSS

Exploits0References2

Circl•added 4 days ago•6 views

CVE-2026-10523

creationtimestamp| type| source ---|---|--- 2026-06-09 08:30:20+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-567 2026-06-09 17:18:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnupbjfggb2x 2026-06-09 17:28:39+00:00| seen|...

9.9CVSS5.4AI score0.09061EPSS

Exploits3References17

Circl•added 4 days ago•6 views

CVE-2026-46748

creationtimestamp| type| source ---|---|--- 2026-06-09 07:30:01+00:00| seen| https://www.acn.gov.it/portale/w/aggiornamenti-per-prodotti-siemens-22 2026-06-09 11:00:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnu26u7t3u2y 2026-06-09 12:12:42+00:00| seen|...

8.8CVSS5AI score0.00042EPSS

Exploits0References4

Cvelist•added 4 days ago•27 views

CVE-2026-8940 WP Meta Sort Posts <= 0.9 - Cross-Site Request Forgery to Plugin Settings Update

The WP Meta Sort Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9. This is due to missing or incorrect nonce validation on the top-level included script in msp-options.php. This makes it possible for unauthenticated attackers to chan...

4.3CVSS0.00013EPSS

Exploits0References5

CVE•added 4 days ago•10 views

CVE-2026-8940

The CVE-2026-8940 entry concerns WordPress plugin WP Meta Sort Posts (versions

4.3CVSS5.4AI score0.00013EPSS

Exploits0References5

Circl•added 4 days ago•5 views

CVE-2026-27671

creationtimestamp| type| source ---|---|--- 2026-06-09 01:20:31+00:00| seen| https://www.acn.gov.it/portale/w/sap-security-patch-day-17 2026-06-09 03:30:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mntb2d6qye2p 2026-06-09 04:30:27+00:00| seen|...

9.8CVSS5.3AI score0.00042EPSS

Exploits0References16

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by