Lucene search
K

3625 matches found

Nuclei
Nuclei
added 11 hours ago13 views

WordPress CBX Bookmark & Favorite Plugin <= 2.0.4 - SQL Injection

CBX Bookmark & Favorite WordPress plugin = 2.0.4 contains a SQL injection caused by insufficient escaping of the 'orderby' parameter, letting authenticated attackers with Subscriber-level access extract sensitive database information id: CVE-2025-13652 info: name: WordPress CBX Bookmark & Favorit...

6.5CVSS5.5AI score0.01077EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-37610

Subscriber Broken Access Control in WPBakery Page Builder = 8.7.2 versions...

6.5CVSS5.1AI score
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-37592

Subscriber Broken Access Control in Bricks Builder = 2.1.4 versions...

4.3CVSS5.2AI score
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-37663

Subscriber Broken Access Control in WishList Member X = 3.29.0 versions...

4.3CVSS5.1AI score
Exploits0References2
NVD
NVD
added yesterday4 views

CVE-2026-45436

Subscriber Broken Access Control in WPBakery Page Builder = 8.7.2 versions...

6.5CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-24575

Subscriber Broken Access Control in WishList Member X = 3.29.0 versions...

4.3CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday24 views

CVE-2026-54803 WordPress SMS Alert Order Notifications plugin <= 3.9.4 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in SMS Alert Order Notifications = 3.9.4 versions...

9.8CVSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-54196

Technical details are not publicly provided in the supplied documents. Monitor for updates on affected versions, impact, and fixes.

6.8CVSS5.2AI score
Exploits0References1
Cvelist
Cvelist
added yesterday22 views

CVE-2026-39546 WordPress MultiLoca plugin <= 4.2.15 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in MultiLoca = 4.2.15 versions...

7.6CVSS
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-22335

The CVE CVE-2026-22335 affects WordPress: WooCommerce Frontend Manager – Ultimate (wc-frontend-manager-ultimate) versions below 6.7.7. It is a SQL Injection vulnerability exploitable by an authenticated subscriber, with a CVSS base score of 8.5 per Patchstack (high impact: confidentiality) and 6....

8.5CVSS5.7AI score
Exploits0References1
Cvelist
Cvelist
added 2 days ago15 views

CVE-2025-69103 WordPress Brikk theme <= 3.0.0 - Arbitrary Content Deletion vulnerability

Subscriber Arbitrary Content Deletion in Brikk = 3.0.0 versions...

7.5CVSS0.00407EPSS
Exploits0References1
NVD
NVD
added 2 days ago8 views

CVE-2026-8444

The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'curselrevs' parameter of the wpfbfindreviews AJAX action in versions up to, and including, 12.6.8. This is due to the handler reading $POST'curselrevs' raw with no sanitization or type casting, then concatenatin...

8.8CVSS0.00253EPSS
Exploits0References2
NVD
NVD
added 2 days ago7 views

CVE-2026-10093

The File Sharing & Download Manager – User Private Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fldrttl' parameter in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.00235EPSS
Exploits0References9
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-10093 File Sharing & Download Manager <= 2.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'fldr_ttl' Parameter

The File Sharing & Download Manager – User Private Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fldrttl' parameter in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.00235EPSS
Exploits0References9
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-36997

Subscriber Broken Access Control in myCred = 3.0.3 versions...

6.5CVSS5.1AI score0.00279EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-36996

Subscriber Broken Access Control in Groundhogg 4.4.1 versions...

6.5CVSS5.1AI score0.00279EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago4 views

EUVD-2025-210163

Subscriber Broken Access Control in Bookify = 1.1.1 versions...

6.5CVSS5.1AI score0.00326EPSS
Exploits0References2
NVD
NVD
added 3 days ago5 views

CVE-2026-42659

Subscriber Broken Access Control in Advanced Form Integration = 1.126.12 versions...

6.5CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-40794

Subscriber Broken Access Control in myCred = 3.0.3 versions...

6.5CVSS0.00279EPSS
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-40795

Subscriber Broken Access Control in Amelia = 2.2 versions...

6.5CVSS0.00271EPSS
Exploits0References1
Rows per page
Query Builder