Lucene search
K

78 matches found

CVE
CVE
added 5 days ago10 views

CVE-2026-57354

The CVE-2026-57354 entry describes a Subscriber Cross Site Scripting (XSS) vulnerability in the WordPress JetReviews plugin limited to versions

6.5CVSS5.8AI score0.00224EPSS
Exploits0References1
CVE
CVE
added 5 days ago11 views

CVE-2026-57342

The CVE-2026-57342 entry concerns the WordPress ShortPixel Adaptive Images plugin, affected versions are

6.5CVSS5.8AI score0.00224EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-57342 WordPress ShortPixel Adaptive Images plugin <= 3.11.3 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in ShortPixel Adaptive Images = 3.11.3 versions...

6.5CVSS0.00224EPSS
Exploits0References1
CVE
CVE
added 5 days ago15 views

CVE-2025-69133

CVE-2025-69133 affects the WordPress Tourmaster plugin versions

7.5CVSS5.8AI score0.004EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago30 views

CVE-2025-69094 WordPress Unicamp theme <= 2.2.2 - SQL Injection vulnerability

Subscriber SQL Injection in Unicamp = 2.2.2 versions...

8.5CVSS0.00278EPSS
Exploits0References1
Patchstack
Patchstack
added 6 days ago5 views

WordPress JoomSport – for Sports: Team & League, Football, Hockey & more plugin <= 5.7.8 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Creation/Modification vulnerability

Authenticated Subscriber+ Missing Authorization to Arbitrary Group Creation/Modification vulnerability discovered by ? in WordPress Plugin JoomSport versions = 5.7.8...

4.3CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/29 3:16 p.m.8 views

CVE-2026-57329

Subscriber Cross Site Scripting XSS in WooCommerce Designer Pro = 1.9.34 versions...

6.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/29 1:36 p.m.34 views

CVE-2026-57330 WordPress MasterStudy LMS plugin <= 3.7.27 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in MasterStudy LMS = 3.7.27 versions...

6.5CVSS0.00171EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53290

Name of the Vulnerable Software and Affected Versions WooCommerce Designer Pro versions prior to 1.9.35 Description Cross Site Scripting XSS allows an attacker with subscriber privileges to execute malicious scripts in the browser of other users. Recommendations Update WooCommerce Designer Pro to...

6.5CVSS6AI score0.00211EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56058

Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...

9.9CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56046

Subscriber Cross Site Scripting XSS in ListingPro = 2.9.11 versions...

6.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-54826

Subscriber Insecure Direct Object References IDOR in SupportCandy = 3.4.6 versions...

7.6CVSS0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.32 views

CVE-2026-57661 WordPress WPComplete plugin <= 2.9.5.5 - Broken Access Control vulnerability

Subscriber Broken Access Control in WPComplete = 2.9.5.5 versions...

5.4CVSS0.00223EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.6 views

EUVD-2026-39743

Subscriber Server Side Request Forgery SSRF in Kirki = 6.0.11 versions...

4.9CVSS5.8AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.7 views

EUVD-2026-39713

Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...

9.9CVSS5.8AI score0.00362EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.33 views

CVE-2026-56057 WordPress Uncanny Automator Pro plugin <= 7.3.0.6 - PHP Object Injection vulnerability

Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...

9.8CVSS0.00426EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.12 views

CVE-2026-56032

The CVE-2026-56032 entry concerns a PHP Object Injection vulnerability in the WordPress BuddyBoss Platform plugin, affecting versions up to 3.0.4. The root cause is described as Subscriber PHP Object Injection within BuddyBoss Platform &lt;= 3.0.4. Documented in Patchstack and CVE records, the vu...

9.8CVSS5.8AI score0.00525EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 2:16 p.m.6 views

CVE-2026-56053

Subscriber PHP Object Injection in EventPrime = 4.3.4.1 versions...

8.8CVSS0.00391EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 1:12 p.m.32 views

CVE-2026-56054 WordPress JS Help Desk plugin <= 3.1.1 - Arbitrary File Deletion vulnerability

Subscriber Arbitrary File Deletion in JS Help Desk = 3.1.1 versions...

7.7CVSS0.0045EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39382

Subscriber PHP Object Injection in EventPrime = 4.3.4.1 versions...

8.8CVSS5.8AI score0.00391EPSS
Exploits0References1
Rows per page
Query Builder