Lucene search
K

126332 matches found

Cvelist
Cvelist
added 2026/06/26 2:52 p.m.30 views

CVE-2026-57318 WordPress Site Reviews plugin <= 8.0.11 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Site Reviews = 8.0.11 versions...

6.5CVSS0.00355EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.4 views

EUVD-2026-39729

Subscriber Sensitive Data Exposure in GetGenie = 4.4.2 versions...

6.5CVSS5.8AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.30 views

CVE-2026-57316 WordPress GetGenie plugin <= 4.4.2 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in GetGenie = 4.4.2 versions...

6.5CVSS0.00355EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.8 views

CVE-2026-56060

The CVE concerns the WordPress plugin Print Invoice & Delivery Notes for WooCommerce . Affected: WooCommerce plugin versions up to and including 7.1.1 . Vulnerability: Unauthenticated Sensitive Data Exposure when generating prints for invoices and delivery notes, allowing access to confidential d...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.7 views

EUVD-2026-39714

Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.3 views

EUVD-2026-39681

Unauthenticated Sensitive Data Exposure in Trinity Backup Backup, Migrate, Restore, Clone & Schedule Backups = 2.0.9 versions...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.30 views

CVE-2026-54839 WordPress Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups plugin <= 2.0.9 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Trinity Backup Backup, Migrate, Restore, Clone & Schedule Backups = 2.0.9 versions...

7.5CVSS0.00278EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.10 views

CVE-2026-54839

The CVE concerns the WordPress Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups plugin, affected

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.3 views

EUVD-2026-39678

Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone = 2.3.2 versions...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.15 views

CVE-2026-54834

CVE-2026-54834 affects the WordPress Object Cache 4 everyone plugin (≤ 2.3.2). Unauthenticated sensitive data exposure is described; no exploitation details or root-cause are provided in the connected documents. CVSSv3.1 base score 7.5 (HIGH) with network attack vector and no user interaction. No...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.18 views

CVE-2026-54824

Unauthenticated sensitive data exposure affecting the WordPress Ads by WPQuads plugin ≤ 3.0.3. Affected component: the WPQuads Ads plugin for WordPress. Root cause: unspecified in the provided documents; the vulnerability is described as unauthenticated exposure. Impact: sensitive data exposure w...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.5 views

EUVD-2026-39784

Unauthenticated Sensitive Data Exposure in Ads by WPQuads = 3.0.3 versions...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.32 views

CVE-2026-54824 WordPress Ads by WPQuads plugin <= 3.0.3 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Ads by WPQuads = 3.0.3 versions...

7.5CVSS0.00294EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/26 1:26 p.m.4 views

WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin Bopo – WooCommerce Product Bundle Builder versions = 1.1.6...

4.3CVSS5.8AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/26 12:32 p.m.7 views

WordPress WCBoost &#8211; Products Compare plugin <= 1.1.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin WCBoost Products Compare versions = 1.1.0...

5.3CVSS5.8AI score0.0024EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/26 6:0 a.m.6 views

CVE-2026-10823

The YMC Filter WordPress plugin before 3.11.3 does not properly authorize access to one of its REST API endpoints and does not validate a user-supplied query parameter, allowing unauthenticated attackers to retrieve the titles and content of private, draft, and other non-public posts...

7.5CVSS5.8AI score0.00921EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 9:41 p.m.19 views

CVE-2025-71324

Flowise before 3.0.6 has an arbitrary file-read vulnerability in the chatId parameter of /api/v1/get-upload-file and /api/v1/openai-assistants-file/download. The chatId value is not validated and is passed to streamStorageFile(), where a fallback file-lookup path constructed without the orgId is ...

8.7CVSS6AI score0.00346EPSS
Exploits1References2Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 8:40 p.m.6 views

Malicious code in ref-slot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e1ef3e785cf6cb007c0b33be2ed43ebe49d64f476bb4fb3a66b914b06def5e1 On npm install, the package's postinstall hook runs node test.js which invokes index.js to perform multi-stage installer compromise. 1 Credential...

5.9AI score
Exploits0References2
NVD
NVD
added 2026/06/25 8:17 p.m.6 views

CVE-2026-37453

Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSISERVICE2 pipe...

7.5CVSS0.00398EPSS
Exploits1References2
NVD
NVD
added 2026/06/25 8:17 p.m.5 views

CVE-2026-37149

GROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN v1.0 was discovered to contain a SQL injection vulnerability in the scost parameter in /grocery/searchproducts.php. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement...

7.7CVSS0.00215EPSS
Exploits0References3
Rows per page
Query Builder