Lucene search
K

76457 matches found

NVD
NVD
added 13 hours ago5 views

CVE-2026-61976

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Retrieve Embedded Sensitive Data.This issue affects JetBlocks For Elementor: from n/a through = 1.5.0...

5.3CVSS
Exploits0References1
NVD
NVD
added 13 hours ago2 views

CVE-2026-57393

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce PDF Invoice Builder: from n/a through = 2.0.8...

6.5CVSS
Exploits0References1
CVE
CVE
added 14 hours ago7 views

CVE-2026-14846

CVE-2026-14846 affects PrestaShop version 8.2.1. The flaw arises from incorrect sanitisation due to inadequate validation of the ‘Alias’ parameter in the ‘Update your address’ function. This allows an attacker to inject malicious expressions that are executed when exporting data with the ‘Get my ...

4.5CVSS6.1AI score
Exploits0References1
CVE
CVE
added 15 hours ago6 views

CVE-2026-59523

CVE-2026-59523 affects the WordPress plugin Simply Schedule Appointments (

6.5CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 15 hours ago9 views

CVE-2026-61976 WordPress JetBlocks For Elementor plugin <= 1.5.0 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Retrieve Embedded Sensitive Data.This issue affects JetBlocks For Elementor: from n/a through = 1.5.0...

5.3CVSS
Exploits0References1
Cvelist
Cvelist
added 15 hours ago5 views

CVE-2026-61952 WordPress WooCommerce Bulk Edit Products – WP Sheet Editor plugin <= 1.8.21 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jose Vega WooCommerce Bulk Edit Products – WP Sheet Editor woo-bulk-edit-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Bulk Edit Products – WP Sheet Editor: from n/a through = 1.8.21...

4.9CVSS
Exploits0References1
Cvelist
Cvelist
added 15 hours ago6 views

CVE-2026-61975 WordPress JetReviews plugin <= 3.0.1 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetReviews jet-reviews allows Retrieve Embedded Sensitive Data.This issue affects JetReviews: from n/a through = 3.0.1...

5.3CVSS
Exploits0References1
CVE
CVE
added 15 hours ago7 views

CVE-2026-61985

CVE-2026-61985 affects the WordPress Car Rental Manager plugin (

5.3CVSS6.1AI score
Exploits0References1
CVE
CVE
added 15 hours ago6 views

CVE-2026-61952

Summary: CVE-2026-61952 affects the WordPress WooCommerce plugin “WooCommerce Bulk Edit Products – WP Sheet Editor” (versions up to and including 1.8.21). The issue is a broken access control due to missing authorization, enabling exploitation through insecure access control configurations. Affec...

4.9CVSS6.1AI score
Exploits0References1
CVE
CVE
added 15 hours ago7 views

CVE-2026-61975

CVE-2026-61975 affects the WordPress JetReviews plugin (Crocoblock) up to version 3.0.1. The issue is Exposure of Sensitive System Information to an Unauthorized Control Sphere, allowing retrieval of embedded sensitive data from JetReviews. The NVD entries describe the vulnerability but do not pr...

5.3CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 15 hours ago5 views

CVE-2026-57797 WordPress EduMall theme <= 4.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeMove EduMall edumall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EduMall: from n/a through = 4.5.1...

4.3CVSS
Exploits0References1
Cvelist
Cvelist
added 15 hours ago6 views

CVE-2026-57812 WordPress Simply Schedule Appointments plugin <= 1.6.12.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.12.4...

6.5CVSS
Exploits0References1
Cvelist
Cvelist
added 15 hours ago5 views

CVE-2026-61977 WordPress JetSearch plugin <= 3.6.1.2 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetSearch jet-search allows Retrieve Embedded Sensitive Data.This issue affects JetSearch: from n/a through = 3.6.1.2...

5.3CVSS
Exploits0References1
CVE
CVE
added 15 hours ago10 views

CVE-2026-61976

CVE-2026-61976 affects Crocoblock JetBlocks For Elementor (WordPress plugin) up to version 1.5.0. The vulnerability is described as an Exposure of Sensitive System Information to an Unauthorized Control Sphere, enabling retrieval of embedded sensitive data. CVSS 3.1 metrics indicate a Network att...

5.3CVSS6.1AI score
Exploits0References1
CVE
CVE
added 15 hours ago9 views

CVE-2026-61977

The CVE-2026-61977 entry concerns the WordPress JetSearch plugin (JetSearch) vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere, allowing retrieval of embedded sensitive data. Affected: WordPress JetSearch plugin versions up to 3.6.1.2. Root cause details are...

5.3CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 15 hours ago5 views

CVE-2026-57418 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.13...

6.5CVSS
Exploits0References1
Cvelist
Cvelist
added 15 hours ago6 views

CVE-2026-57740 WordPress AcyMailing SMTP Newsletter plugin <= 10.11.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AcyMailing SMTP Newsletter: from n/a through = 10.11.1...

7.1CVSS
Exploits0References1
Cvelist
Cvelist
added 15 hours ago6 views

CVE-2026-57400 WordPress Event Tickets Manager for WooCommerce plugin <= 1.5.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Swings Event Tickets Manager for WooCommerce event-tickets-manager-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Tickets Manager for WooCommerce: from n/a through = 1.5.5...

6.5CVSS
Exploits0References1
CVE
CVE
added 15 hours ago5 views

CVE-2026-57393

CVE-2026-57393 affects the WordPress plugin WooCommerce PDF Invoice Builder (plugin slug woo-pdf-invoice-builder) up to version ≤ 2.0.8. The vulnerability is described as an Exposure of Sensitive System Information to an Unauthorized Control Sphere that allows retrieval of embedded sensitive data...

6.5CVSS6.1AI score
Exploits0References1
CVE
CVE
added 15 hours ago4 views

CVE-2026-57418

CVE-2026-57418 covers a Missing Authorization vulnerability in the WordPress/plugin set associated with Sprout Invoices, specifically the Sprout Invoices Client Invoicing (WordPress plugin, versions up to 20.8.13). The root cause is an Incorrectly Configured Access Control , described as broken a...

6.5CVSS6.1AI score
Exploits0References1
Rows per page
Query Builder