Lucene search
+L

233 matches found

nvd
nvd
added 2026/07/02 12:17 p.m.6 views

CVE-2026-57345

Unauthenticated Cross Site Scripting XSS in Internal Links Manager = 3.0.3 versions...

7.1CVSS0.00191EPSS
Exploits0References1
euvd
euvd
added 2026/06/29 1:36 p.m.11 views

EUVD-2026-40106

Subscriber Broken Access Control in Ads by WPQuads = 3.0.3 versions...

6.5CVSS5.8AI score0.00229EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/29 12:0 a.m.11 views

PT-2026-53296

Name of the Vulnerable Software and Affected Versions Ads by WPQuads versions prior to 3.0.4 Description Broken access control allows users with the Subscriber role to perform unauthorized actions. Recommendations Update Ads by WPQuads to version 3.0.4 or later...

6.5CVSS5.9AI score0.00229EPSS
Exploits0References4
euvd
euvd
added 2026/06/26 2:52 p.m.6 views

EUVD-2026-39784

Unauthenticated Sensitive Data Exposure in Ads by WPQuads = 3.0.3 versions...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1
cve
cve
added 2026/06/26 2:52 p.m.22 views

CVE-2026-54824

Unauthenticated sensitive data exposure affecting the WordPress Ads by WPQuads plugin ≤ 3.0.3. Affected component: the WPQuads Ads plugin for WordPress. Root cause: unspecified in the provided documents; the vulnerability is described as unauthenticated exposure. Impact: sensitive data exposure w...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/16 9:23 p.m.24 views

CVE-2026-49073 WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...

8.5CVSS0.00205EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/16 12:0 a.m.11 views

PT-2026-50125

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...

8.5CVSS5.6AI score0.00205EPSS
Exploits0References2
euvd
euvd
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36997

Subscriber Broken Access Control in myCred = 3.0.3 versions...

6.5CVSS5.1AI score0.00279EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/15 8:18 p.m.28 views

CVE-2026-40794 WordPress myCred plugin <= 3.0.3 - Broken Access Control vulnerability

Subscriber Broken Access Control in myCred = 3.0.3 versions...

6.5CVSS0.00279EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:18 p.m.8 views

CVE-2026-40794 WordPress myCred plugin <= 3.0.3 - Broken Access Control vulnerability

Subscriber Broken Access Control in myCred = 3.0.3 versions...

6.5CVSS5.1AI score0.00279EPSS
Exploits0References1
cve
cve
added 2026/06/15 8:17 p.m.19 views

CVE-2026-39449

CVE-2026-39449 is an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress plugin Contact Form to Any API for versions ≤ 3.0.3. The issue is documented by Patchstack and CVEs listed in connected records; affected component is the plugin and the root cause details are not discl...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/15 12:0 a.m.17 views

PT-2026-49431

Subscriber Broken Access Control in myCred = 3.0.3 versions...

6.5CVSS5.1AI score0.00279EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/26 12:0 a.m.13 views

EZB Systems Softdisk 安全漏洞

EZB Systems Softdisk is a tool software developed by EZB Systems Corporation, used for creating and managing virtual disks and disk images. Version 3.0.3 of EZB Systems Softdisk contains a security vulnerability. This vulnerability stems from a buffer overflow in the registration code dialog box,...

6.9CVSS6.2AI score0.00137EPSS
Exploits0References1
patchstack
patchstack
added 2026/04/22 2:26 p.m.7 views

WordPress Contact Form to Any API plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0xManticore in WordPress Plugin Contact Form to Any API versions = 3.0.3...

5.1AI score0.00175EPSS
Exploits0Affected Software1
cvelist
cvelist
added 2026/04/08 8:30 a.m.21 views

CVE-2026-39625 WordPress TechOne theme <= 3.0.3 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through = 3.0.3...

5.3CVSS0.00236EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39625 WordPress TechOne theme <= 3.0.3 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through = 3.0.3...

5.8AI score0.00236EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/04/08 12:0 a.m.8 views

PT-2026-31190

CVE-2026-39625 Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects Tec… https://t.co/G5AXQK2cTi...

5.3CVSS5.8AI score0.00236EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/03/26 5:2 p.m.3 views

CVE-2026-32535

Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through = 3.0.3...

6.5CVSS5.8AI score0.00155EPSS
Exploits0References1
euvd
euvd
added 2026/03/25 6:31 p.m.6 views

EUVD-2026-15909

Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through = 3.0.3...

5.8AI score0.00155EPSS
Exploits0References2
euvd
euvd
added 2026/03/25 6:31 p.m.6 views

EUVD-2026-15907

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through = 3.0.3...

8.5CVSS5.9AI score0.00217EPSS
Exploits0References2
Rows per page
Query Builder