Lucene search
K

28061 matches found

NVD
NVD
added 2026/01/24 8:16 a.m.6 views

CVE-2026-0806

The WP-ClanWars plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 2.0.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

4.9CVSS0.00371EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.7 views

WordPress plugin MetForm has a licensing issue vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

3.7CVSS5.8AI score0.00187EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.6 views

CVE-2025-67954

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Retrieve Embedded Sensitive Data.This issue affects Salon booking system: from n/a through = 10.30.3...

6.5CVSS5.4AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.6 views

CVE-2025-63051

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in sizam REHub Framework rehub-framework allows Retrieve Embedded Sensitive Data.This issue affects REHub Framework: from n/a through 19.9.9.4...

4.3CVSS5.4AI score0.00314EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.6 views

CVE-2025-68035

Insertion of Sensitive Information Into Sent Data vulnerability in tabbyai Tabby Checkout tabby-checkout allows Retrieve Embedded Sensitive Data.This issue affects Tabby Checkout: from n/a through = 5.8.4...

7.5CVSS5.4AI score0.00303EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.5 views

CVE-2025-63019

Insertion of Sensitive Information Into Sent Data vulnerability in Johan Jonk Stenström Cookies and Content Security Policy cookies-and-content-security-policy allows Retrieve Embedded Sensitive Data.This issue affects Cookies and Content Security Policy: from n/a through = 2.34...

5.3CVSS5.4AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.5 views

CVE-2025-68006

Insertion of Sensitive Information Into Sent Data vulnerability in Deetronix Booking Ultra Pro booking-ultra-pro allows Retrieve Embedded Sensitive Data.This issue affects Booking Ultra Pro: from n/a through = 1.1.23...

6.5CVSS5.4AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.7 views

CVE-2025-68046

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...

6.5CVSS5.4AI score0.00355EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.5 views

CVE-2026-24593

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Retrieve Embedded Sensitive Data.This issue affects AWP Classifieds: from n/a through = 4.4.3...

5.3CVSS0.00305EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.4 views

CVE-2026-24589

Insertion of Sensitive Information Into Sent Data vulnerability in Cargus eCommerce Cargus cargus allows Retrieve Embedded Sensitive Data.This issue affects Cargus: from n/a through = 1.5.8...

5.3CVSS0.00305EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.10 views

CVE-2026-24565

Insertion of Sensitive Information Into Sent Data vulnerability in bPlugins B Accordion b-accordion allows Retrieve Embedded Sensitive Data.This issue affects B Accordion: from n/a through = 2.0.2...

6.5CVSS0.00276EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.5 views

CVE-2026-24559

Insertion of Sensitive Information Into Sent Data vulnerability in CRM Perks Integration for Contact Form 7 HubSpot cf7-hubspot allows Retrieve Embedded Sensitive Data.This issue affects Integration for Contact Form 7 HubSpot: from n/a through = 1.4.3...

5.3CVSS0.0024EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.6 views

CVE-2026-24557

Insertion of Sensitive Information Into Sent Data vulnerability in WEN Solutions Contact Form 7 GetResponse Extension contact-form-7-getresponse-extension allows Retrieve Embedded Sensitive Data.This issue affects Contact Form 7 GetResponse Extension: from n/a through = 1.0.8...

5.3CVSS0.0024EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.4 views

CVE-2026-24553

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dotstore Fraud Prevention For Woocommerce woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers allows Retrieve Embedded Sensitive Data.This issue affects Fraud Prevention For Woocommerce: fro...

4.3CVSS0.00215EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.5 views

CVE-2026-24536

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through = 4.38.0...

5.3CVSS0.00305EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.8 views

CVE-2026-24523

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus aka @msykes WP FullCalendar wp-fullcalendar allows Retrieve Embedded Sensitive Data.This issue affects WP FullCalendar: from n/a through = 1.6...

5.3CVSS0.00296EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:29 p.m.2 views

CVE-2026-24593

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Retrieve Embedded Sensitive Data.This issue affects AWP Classifieds: from n/a through = 4.4.3...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References2
CVE
CVE
added 2026/01/23 2:29 p.m.12 views

CVE-2026-24593

CVE-2026-24593 affects the WordPress plugin AWP Classifieds (versions 4.4.3 or apply vendor-provided fixes as they become available. (Mode C, details-supported, no speculation.)

5.3CVSS5.4AI score0.00305EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 2:29 p.m.2 views

CVE-2026-24593 WordPress AWP Classifieds plugin <= 4.4.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Retrieve Embedded Sensitive Data.This issue affects AWP Classifieds: from n/a through = 4.4.3...

5.3CVSS5.4AI score0.00305EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 2:29 p.m.26 views

CVE-2026-24593 WordPress AWP Classifieds plugin <= 4.4.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Retrieve Embedded Sensitive Data.This issue affects AWP Classifieds: from n/a through = 4.4.3...

5.3CVSS0.00305EPSS
Exploits0References1
Rows per page
Query Builder