Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

581 matches found

Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.9 views

PT-2026-46349

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.8 views

PT-2026-46365

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.9 views

PT-2026-46382

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.13 views

PT-2026-46329

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.9 views

PT-2026-46345

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.10 views

PT-2026-46353

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.8 views

PT-2026-46339

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.9 views

PT-2026-46381

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.9 views

PT-2026-46326

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.8 views

PT-2026-46336

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.8 views

PT-2026-46373

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.8 views

PT-2026-46379

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.8 views

PT-2026-46374

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.7 views

PT-2026-46376

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.12 views

PT-2026-46387

The WP Meta Sort Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9. This is due to missing or incorrect nonce validation on the top-level included script in msp-options.php. This makes it possible for unauthenticated attackers to chan...

4.3CVSS5.4AI score0.00013EPSS
Exploits0References7
Wordfence Blog
Wordfence Blogadded 2026/05/29 4:23 p.m.23 views

Wordfence Bug Bounty Program Monthly Report – March 2026

In March 2026, the Wordfence Bug Bounty Program received 1718 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfence Threat...

6.2AI score
Exploits0
Wordfence Blog
Wordfence Blogadded 2026/05/28 5:14 p.m.14 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 18, 2026 to May 24, 2026)

Last week, there were 101 vulnerabilities disclosed in 88 WordPress Plugins and 1 WordPress Theme that have been added to the Wordfence Intelligence Vulnerability Database, and there were 69 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities i...

6.3AI score
Exploits0
Positive Technologies
Positive Technologiesadded 2026/05/27 12:0 a.m.9 views

PT-2026-43543

The WPBakery Page Builder Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the lvca carousel and lvca posts carousel shortcode attributes in all versions up to, and including, 3.9.4 due to insufficient input sanitization and output escaping. Specifically,...

6.4CVSS6AI score0.00032EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/05/27 12:0 a.m.4 views

WordPress plugin ElementsKit Elementor addons Lite 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

5.3CVSS5.8AI score0.00037EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/18 6:0 a.m.37 views

CVE-2026-3220 Multiple Plugins - Unauthenticated Stored XSS via Minify Library

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

0.00016EPSS
Exploits0References1
Rows per page
Query Builder