Lucene search
K

6 matches found

NVD
NVD
added 6 days ago8 views

CVE-2026-12122

The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.11 via the getsinglesymbol. This makes it possible for unauthenticated attackers to extract the full builder metadata and...

5.3CVSS0.00285EPSS
Exploits0References8
CVE
CVE
added 6 days ago12 views

CVE-2026-12122

The CVE-2026-12122 entry documents a vulnerability in the Kirki – Freeform Page Builder, Website Builder & Customizer WordPress plugin (versions up to and including 6.0.11). The issue is a Sensitive Information Exposure via get_single_symbol that allows unauthenticated attackers to extract full b...

5.3CVSS5.8AI score0.00285EPSS
Exploits0References8
NVD
NVD
added 2026/06/27 8:16 a.m.15 views

CVE-2026-11987

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.4 via the 'id' parameter due to missing validation on a user controlled key. This...

4.3CVSS0.00271EPSS
Exploits0References14
EUVD
EUVD
added 2026/06/27 6:50 a.m.9 views

EUVD-2026-39948

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.4 via the 'id' parameter due to missing validation on a user controlled key. This...

4.3CVSS5.7AI score0.00271EPSS
Exploits0References14
CVE
CVE
added 2026/06/27 6:50 a.m.16 views

CVE-2026-11987

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution (WordPress) up to version 5.0.4 is vulnerable to Insecure Direct Object Reference via the id parameter due to missing validation on a user‑controlled key. Authenticated attackers with subscriber+ access can read other vendors’ pro...

4.3CVSS5.7AI score0.00271EPSS
Exploits0References14
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.11 views

WordPress plugin LearnPress – WordPress LMS Plugin for Create and Sell Online Courses 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.3CVSS5.4AI score0.00353EPSS
Exploits0References15
Rows per page
Query Builder