11966 matches found
EUVD-2026-4068
Deserialization of Untrusted Data vulnerability in themeton Consult Aid consultaid allows Object Injection.This issue affects Consult Aid: from n/a through = 1.4.3...
EUVD-2026-4077
Missing Authorization vulnerability in merkulove Crumber crumber-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crumber: from n/a through = 1.0.10...
EUVD-2026-4065
Missing Authorization vulnerability in merkulove Uper for Elementor uper-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uper for Elementor: from n/a through = 1.0.5...
EUVD-2026-4074
Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Searcher for Elementor: from n/a through = 1.0.3...
EUVD-2026-4063
Missing Authorization vulnerability in merkulove Motionger for Elementor motionger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Motionger for Elementor: from n/a through = 2.0.4...
EUVD-2026-4053
Missing Authorization vulnerability in wproyal Bard bard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bard: from n/a through = 2.229...
EUVD-2026-4052
Insertion of Sensitive Information Into Sent Data vulnerability in Johan Jonk Stenström Cookies and Content Security Policy cookies-and-content-security-policy allows Retrieve Embedded Sensitive Data.This issue affects Cookies and Content Security Policy: from n/a through = 2.34...
EUVD-2026-4081
Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Pool Services pool-services allows Server Side Request Forgery.This issue affects Pool Services: from n/a through = 3.3...
EUVD-2026-4073
Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through = 3.4.5...
EUVD-2026-4069
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through = 1.6.6...
EUVD-2026-4117
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in adamlabs WordPress Photo Gallery photo-gallery-portfolio allows Reflected XSS.This issue affects WordPress Photo Gallery: from n/a through = 1.1.0...
EUVD-2026-4095
Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...
EUVD-2026-4108
Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...
EUVD-2026-4104
Missing Authorization vulnerability in cozythemes HomeLancer homelancer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HomeLancer: from n/a through = 1.0.1...
EUVD-2026-4085
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Accordion Slider PRO accordionsliderpro allows Reflected XSS.This issue affects Accordion Slider PRO: from n/a through = 1.2...
EUVD-2026-4105
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...
EUVD-2026-4107
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Magic Slider magicslider allows Reflected XSS.This issue affects Magic Slider: from n/a through = 2.2...
EUVD-2026-4100
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Magic Responsive Slider and Carousel WordPress magiccarousel allows Reflected XSS.This issue affects Magic Responsive Slider and Carousel WordPress: from n/a through = 1.6...
EUVD-2026-4091
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...
EUVD-2026-4125
Cross-Site Request Forgery CSRF vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Cross Site Request Forgery.This issue affects Element Pack Elementor Addons: from n/a through = 8.3.13...