Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18985 matches found

CVE
CVEadded last week28 views

CVE-2024-52488

CVE-2024-52488 affects WordPress Grip theme (versions ≤ 1.0.9). The issue is an Arbitrary Plugin Activation/Deactivation vulnerability leading to RCE, requiring Subscriber privileges. Patch status is not clearly available in the provided docs; Patchstack indicates high risk with a potential explo...

9.9CVSS8.4AI score0.00471EPSS
Exploits0References1
CVE
CVEadded last week11 views

CVE-2024-49269

CVE-2024-49269 affects the WordPress theme my flatonica <= 0.0.8, with unauthenticated reflected XSS. Affected versions are

7.1CVSS5.1AI score0.00241EPSS
Exploits0References1
Cvelist
Cvelistadded last week25 views

CVE-2024-49269 WordPress my flatonica theme <= 0.0.8 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in my flatonica = 0.0.8 versions...

7.1CVSS0.00241EPSS
Exploits0References1
Nuclei
Nucleiadded last week51 views

WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery

WordPress Fusion Builder plugin before 3.6.2 is susceptible to server-side request forgery. The plugin does not validate a parameter in its forms, which can be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. An attacker can...

9.8CVSS8.4AI score0.71722EPSS
Exploits6References5
Positive Technologies
Positive Technologiesadded 2026/06/17 12:0 a.m.11 views

PT-2026-50564

Name of the Vulnerable Software and Affected Versions TypeBot versions prior to 3.16.0 Steeltoe affected versions not specified Description TypeBot contains an Insecure Direct Object Reference IDOR issue—a flaw where an application provides direct access to objects based on user-supplied...

7.1CVSS5.2AI score0.00202EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/06/16 8:57 p.m.19 views

CVE-2026-48869 WordPress Enfold theme <= 7.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Enfold = 7.1.4 versions...

7.1CVSS0.00186EPSS
Exploits0References1
CVE
CVEadded 2026/06/16 8:57 p.m.16 views

CVE-2026-48869

CVE-2026-48869 : The WordPress Enfold theme (versions

7.1CVSS5.1AI score0.00186EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/16 8:57 p.m.18 views

CVE-2026-40761 WordPress Valeska theme <= 1.2.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Valeska = 1.2.2 versions...

8.1CVSS0.0025EPSS
Exploits0References1
CVE
CVEadded 2026/06/16 8:57 p.m.9 views

CVE-2026-40761

WordPress Theme Valeska &lt;= 1.2.2 is affected by an unauthenticated PHP Object Injection vulnerability. Affected component: Valeska theme (WordPress). Root cause: PHP object injection in versions

8.1CVSS5.3AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/16 8:57 p.m.19 views

CVE-2026-40759 WordPress Esmée theme <= 1.4 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Esmée = 1.4 versions...

8.1CVSS0.0032EPSS
Exploits0References1
CVE
CVEadded 2026/06/16 8:57 p.m.12 views

CVE-2026-40759

CVE-2026-40759 affects WordPress Esmée theme versions

8.1CVSS5.3AI score0.0032EPSS
Exploits0References1
CVE
CVEadded 2026/06/16 8:57 p.m.6 views

CVE-2026-40760

WordPress Behold theme

8.1CVSS5.3AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/16 8:57 p.m.18 views

CVE-2026-40758 WordPress Léonie theme <= 1.2.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Léonie = 1.2.1 versions...

8.1CVSS0.0032EPSS
Exploits0References1
CVE
CVEadded 2026/06/16 8:57 p.m.9 views

CVE-2026-40758

The CVE concerns WordPress Léonie theme versions

8.1CVSS5.3AI score0.0032EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/16 8:57 p.m.19 views

CVE-2026-40755 WordPress TechLink theme <= 1.3 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in TechLink = 1.3 versions...

8.1CVSS0.0025EPSS
Exploits0References1
CVE
CVEadded 2026/06/16 8:57 p.m.7 views

CVE-2026-40754

CVE-2026-40754 concerns the WordPress Roisin theme (versions &lt;= 1.4) with unauthenticated PHP Object Injection. Public references describe an object-injection vulnerability in Roisin

8.1CVSS5.3AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/16 8:57 p.m.22 views

CVE-2026-40754 WordPress Roisin theme <= 1.4 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Roisin = 1.4 versions...

8.1CVSS0.0025EPSS
Exploits0References1
CVE
CVEadded 2026/06/16 8:57 p.m.11 views

CVE-2026-40755

CVE-2026-40755 affects WordPress TechLink theme versions

8.1CVSS5.3AI score0.0025EPSS
Exploits0References1
CVE
CVEadded 2026/06/16 8:57 p.m.9 views

CVE-2026-40751

CVE-2026-40751 affects WordPress Theme Ashtanga versions

8.1CVSS5.3AI score0.0032EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/16 8:57 p.m.21 views

CVE-2026-40751 WordPress Ashtanga theme <= 1.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Ashtanga = 1.2 versions...

8.1CVSS0.0032EPSS
Exploits0References1
Rows per page
Query Builder