Lucene search
K

8481 matches found

CVE
CVE
added 2 hours ago5 views

CVE-2026-11988

CVE-2026-11988 affects LearnPress

6.5CVSS5.8AI score
Exploits0References8
CVE
CVE
added 3 hours ago5 views

CVE-2026-12090

The Taskbuilder WordPress plugin (Taskbuilder – Project Management & Task Management Tool With Kanban Board) is affected by a generic SQL Injection via the wppm_proj_filter parameter in all versions up to 5.0.8. The root cause is insufficient escaping of the user-supplied parameter and an inadequ...

6.5CVSS5.9AI score
Exploits0References9
CVE
CVE
added 3 hours ago5 views

CVE-2026-12923

The Youtube Showcase plugin for WordPress (up to version 4.0.3) is vulnerable to an Arbitrary Function Call via the 'path' parameter in the emd_delete_file() AJAX handler (includes/common-functions.php). A user-supplied value is sanitized, has its trailing '_PLUGIN_DIR' stripped, and is then invo...

7.5CVSS5.9AI score
Exploits0References5
NVD
NVD
added yesterday8 views

CVE-2026-12240

The Export User Data plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unserialize function in all versions up to, and including, 2.2.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to delet...

8CVSS0.00341EPSS
Exploits0References2
CVE
CVE
added yesterday11 views

CVE-2026-12240

The CVE-2026-12240 entry concerns the WordPress Export User Data plugin (up to version 2.2.6). Affected component: the unserialize path validation in the plugin allows an authenticated subscriber+ to trigger arbitrary file deletions on the server by exporting user data, with a crafted serialized ...

8CVSS6.5AI score0.00341EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added yesterday3 views

Security update for glycin-loaders (moderate)

openSUSE security update: security update for glycin-loaders ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21134-1 Rating: moderate References: bsc1248035 bsc1249010 Cross-References: CVE-2025-55159 CVE-2025-58160 CVSS scores: CVE-2025-55159 SUSE ...

5.8CVSS5.7AI score0.00303EPSS
Exploits0References2
NVD
NVD
added 2 days ago7 views

CVE-2026-57329

Subscriber Cross Site Scripting XSS in WooCommerce Designer Pro = 1.9.34 versions...

6.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2 days ago7 views

CVE-2026-57332

Subscriber Broken Access Control in Wallet System for WooCommerce = 2.7.6 versions...

7.1CVSS0.00256EPSS
Exploits0References1
NVD
NVD
added 2 days ago7 views

CVE-2026-57328

Subscriber Cross Site Scripting XSS in Business Directory = 6.4.22 versions...

6.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2 days ago7 views

CVE-2026-57330

Subscriber Cross Site Scripting XSS in MasterStudy LMS = 3.7.27 versions...

6.5CVSS0.00171EPSS
Exploits0References1
NVD
NVD
added 2 days ago6 views

CVE-2026-57327

Subscriber Broken Access Control in MainWP = 6.1.1 versions...

6.3CVSS0.00249EPSS
Exploits0References1
CVE
CVE
added 2 days ago8 views

CVE-2026-57335

CVE-2026-57335 concerns the WordPress plugin WPQuads Ads (WPQuads)

6.5CVSS5.8AI score0.00229EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-40106

Subscriber Broken Access Control in Ads by WPQuads = 3.0.3 versions...

6.5CVSS5.8AI score0.00229EPSS
Exploits0References1
CVE
CVE
added 2 days ago9 views

CVE-2026-57332

The CVE affects the WordPress Wallet System for WooCommerce plugin, specifically versions

7.1CVSS5.8AI score0.00256EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-40101

Subscriber Cross Site Scripting XSS in MasterStudy LMS = 3.7.27 versions...

6.5CVSS5.8AI score0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57330 WordPress MasterStudy LMS plugin <= 3.7.27 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in MasterStudy LMS = 3.7.27 versions...

6.5CVSS0.00171EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-40099

Subscriber Cross Site Scripting XSS in Business Directory = 6.4.22 versions...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-40098

Subscriber Broken Access Control in MainWP = 6.1.1 versions...

6.3CVSS5.8AI score0.00249EPSS
Exploits0References1
CVE
CVE
added 2 days ago9 views

CVE-2026-57327

The connected documents identify CVE-2026-57327 as a vulnerability in the WordPress MainWP plugin up to version 6.1.1 describing a Subscriber/Broken Access Control issue. The underlying root cause is described as broken access control, but the documents do not provide concrete technical details s...

6.3CVSS5.8AI score0.00249EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57327 WordPress MainWP plugin <= 6.1.1 - Broken Access Control vulnerability

Subscriber Broken Access Control in MainWP = 6.1.1 versions...

6.3CVSS0.00249EPSS
Exploits0References1
Rows per page
Query Builder