Lucene search
+L

11459 matches found

NVD
NVD
added 6 days ago5 views

CVE-2026-61977

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetSearch jet-search allows Retrieve Embedded Sensitive Data.This issue affects JetSearch: from n/a through = 3.6.1.2...

5.3CVSS0.00197EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2026-61968

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through = 3.1.2...

5.4CVSS0.0017EPSS
Exploits0References1
NVD
NVD
added 6 days ago7 views

CVE-2026-59518

Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...

9.8CVSS0.00313EPSS
Exploits0References1
NVD
NVD
added 6 days ago7 views

CVE-2026-57791

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Brook brook allows PHP Local File Inclusion.This issue affects Brook: from n/a through = 2.9.0...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added 6 days ago7 views

CVE-2026-57795

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themelexus Kitchor kitchor allows PHP Local File Inclusion.This issue affects Kitchor: from n/a through = 1.4.3...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added 6 days ago7 views

CVE-2026-57798

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SaurabhSharma NewsPlus Shortcodes newsplus-shortcodes allows PHP Local File Inclusion.This issue affects NewsPlus Shortcodes: from n/a through = 4.2.0...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added 6 days ago5 views

CVE-2026-57783

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in merkulove Speaker speaker allows Stored XSS.This issue affects Speaker: from n/a through = 4.1.13...

6.5CVSS0.00218EPSS
Exploits0References1
NVD
NVD
added 6 days ago4 views

CVE-2026-57779

Missing Authorization vulnerability in themebeez Fascinate fascinate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fascinate: from n/a through = 1.1.5...

5.3CVSS0.00285EPSS
Exploits0References1
NVD
NVD
added 6 days ago3 views

CVE-2026-57710

Unrestricted Upload of File with Dangerous Type vulnerability in quantumcloud WoowBot Pro Max woowbot-pro-max allows Using Malicious Files.This issue affects WoowBot Pro Max: from n/a through = 14.1.7...

9.9CVSS0.00328EPSS
Exploits0References1
NVD
NVD
added 6 days ago4 views

CVE-2026-57707

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows SQL Injection.This issue affects Simple Business Directory Pro: from n/a through = 15.9.4...

9.3CVSS0.00291EPSS
Exploits0References1
NVD
NVD
added 6 days ago3 views

CVE-2026-57405

Missing Authorization vulnerability in themehunk Open Shop open-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Open Shop: from n/a through = 1.7.1...

7.1CVSS0.00226EPSS
Exploits0References1
NVD
NVD
added 6 days ago7 views

CVE-2026-57388

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Hydra Booking hydra-booking allows Stored XSS.This issue affects Hydra Booking: from n/a through = 1.1.44...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 6 days ago4 views

CVE-2026-57376

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows DOM-Based XSS.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.4.3...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 6 days ago4 views

CVE-2026-57378

Missing Authorization vulnerability in Phil Kurth Advanced Forms advanced-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Forms: from n/a through = 1.9.3.7...

7.5CVSS0.00246EPSS
Exploits0References1
CVE
CVE
added 6 days ago15 views

CVE-2026-57781

CVE-2026-57781 affects the WordPress MeetingHub plugin (Sovlix MeetingHub) in versions up to 1.25.10. It is a Missing Authorization / Broken Access Control vulnerability allowing access level misconfigurations due to the access control setup. According to the provided data, the CVSS v3.1 base sco...

5.3CVSS6.1AI score0.00285EPSS
Exploits0References1
CVE
CVE
added 6 days ago10 views

CVE-2026-57815

CVE-2026-57815 documents a path traversal vulnerability in the WordPress plugin Forminator (WPMU DEV Your All-in-One WordPress Platform Forminator) affecting version range up to and including 1.55.0.2. The issue is described as Improper Limitation of a Pathname to a Restricted Directory, enabling...

7.5CVSS6.1AI score0.00335EPSS
Exploits0References1
CVE
CVE
added 6 days ago9 views

CVE-2026-61975

CVE-2026-61975 affects the WordPress JetReviews plugin (Crocoblock) up to version 3.0.1. The issue is Exposure of Sensitive System Information to an Unauthorized Control Sphere, allowing retrieval of embedded sensitive data from JetReviews. The NVD entries describe the vulnerability but do not pr...

5.3CVSS6.1AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 6 days ago13 views

CVE-2026-57800

Technical details about CVE-2026-57800 are not provided in the connected documents. The entries mention Local File Inclusion in Overworld theme

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-61968 WordPress myCred plugin <= 3.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through = 3.1.2...

5.4CVSS0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-57787 WordPress CWS SVGicons plugin <= 1.5.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CreativeWS CWS SVGicons cws-svgicons allows Blind SQL Injection.This issue affects CWS SVGicons: from n/a through = 1.5.5...

8.5CVSS0.00347EPSS
Exploits0References1
Rows per page
Query Builder