CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

167 matches found

EUVD•added 2026/05/07 9:31 a.m.•4 views

EUVD-2026-28332

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs Happy Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Happy Addons for Elementor: from n/a through 3.20.8...

5.3CVSS5.8AI score0.00012EPSS

Exploits0References2

NVD•added 2026/04/29 9:16 a.m.•1 views

CVE-2026-42412

Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Frontend: from n/a through 4.3.1...

6.5CVSS0.00054EPSS

Exploits0References1

EUVD•added 2026/04/29 7:51 a.m.•0 views

EUVD-2026-26195

Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Frontend: from n/a through 4.3.1...

6.5CVSS5.1AI score0.00054EPSS

Exploits0References1

Positive Technologies•added 2026/04/29 12:0 a.m.•1 views

PT-2026-35880

Name of the Vulnerable Software and Affected Versions weDevs WP User Frontend versions prior to 4.3.2 Description A missing authorization issue exists due to incorrectly configured access control security levels. Recommendations Update to a version newer than 4.3.1...

6.5CVSS5.2AI score0.00054EPSS

Exploits0References5

RedhatCVE•added 2026/04/13 7:24 p.m.•0 views

CVE-2026-39520

Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weDocs: from n/a through = 2.1.18...

5.3CVSS5.8AI score0.0004EPSS

Exploits0References1

EUVD•added 2026/04/08 8:30 a.m.•1 views

EUVD-2026-20181

Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weDocs: from n/a through = 2.1.18...

5.9AI score0.0004EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 5:2 p.m.•2 views

CVE-2026-32485

Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through = 4.2.8...

7.5CVSS5.8AI score0.00047EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 5:1 p.m.•1 views

CVE-2026-24364

6.5CVSS5.8AI score0.00013EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:16 p.m.•0 views

CVE-2026-31917

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

8.5CVSS5.9AI score0.00016EPSS

Exploits0References1

EUVD•added 2026/03/25 6:31 p.m.•2 views

EUVD-2026-15829

5.8AI score0.00047EPSS

Exploits0References2

NVD•added 2026/03/25 5:16 p.m.•1 views

CVE-2026-32485

7.5CVSS0.00047EPSS

Exploits0References1

NVD•added 2026/03/25 5:16 p.m.•1 views

CVE-2026-24364

6.5CVSS0.00013EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•22 views

CVE-2026-32485 WordPress WP User Frontend plugin <= 4.2.8 - Broken Access Control vulnerability

7.5CVSS0.00047EPSS

Exploits0References1

ATTACKERKB•added 2026/03/25 4:14 p.m.•2 views

CVE-2026-32485

5.8AI score0.00047EPSS

Exploits0References2

Positive Technologies•added 2026/03/25 12:0 a.m.•1 views

PT-2026-27851

Name of the Vulnerable Software and Affected Versions weDevs WP User Frontend versions prior to 4.2.5 Description An authorization issue exists in weDevs WP User Frontend. The issue involves exploiting incorrectly configured access control security levels. Recommendations Update weDevs WP User...

6.5CVSS5.9AI score0.00013EPSS

Exploits0References3

EUVD•added 2026/03/13 9:31 p.m.•1 views

EUVD-2026-11792

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

8.5CVSS5.8AI score0.00016EPSS

Exploits0References2

NVD•added 2026/03/13 7:54 p.m.•3 views

CVE-2026-31917

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

8.5CVSS0.00016EPSS

Exploits0References1

CVE•added 2026/03/13 11:41 a.m.•4 views

CVE-2026-31917

The CVE concerns the WordPress WP ERP plugin by weDevs (ERP component) with versions up to 1.16.10 exposed to SQL Injection due to improper neutralization of user input. The issue affects WP ERP from unspecified earlier versions through 1.16.10. The provided documents do not specify exploit detai...

8.5CVSS5.8AI score0.00016EPSS

Exploits0References1

ATTACKERKB•added 2026/03/13 11:41 a.m.•2 views

CVE-2026-31917

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

5.8AI score0.00016EPSS

Exploits0References2

Cvelist•added 2026/03/13 11:41 a.m.•22 views

CVE-2026-31917 WordPress WP ERP plugin <= 1.16.10 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

8.5CVSS0.00016EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by