Lucene search
K

83679 matches found

Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.6 views

CVE-2026-42666 WordPress Salon booking system plugin <= 10.30.25 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Salon booking system = 10.30.25 versions...

7.5CVSS5.1AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.27 views

CVE-2026-42664 WordPress AI Product Search for WooCommerce – Motive Commerce Search plugin <= 1.38.2 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in AI Product Search for WooCommerce Motive Commerce Search = 1.38.2 versions...

8.2CVSS0.00254EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.26 views

CVE-2026-42661 WordPress WP Customer Area plugin <= 8.3.4 - Path Traversal vulnerability

Custom role Path Traversal in WP Customer Area = 8.3.4 versions...

8.8CVSS0.00371EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.9 views

CVE-2026-42659

The CVE concerns WordPress plugin “Advanced Form Integration” (versions

6.5CVSS5.1AI score0.00271EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.10 views

CVE-2026-42658

The CVE-2026-42658 entry concerns the WordPress Classified Listing plugin, affected versions

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.7 views

CVE-2026-42651 WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

6.3CVSS5.1AI score0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.26 views

CVE-2026-42649 WordPress Favicon Rotator plugin <= 1.2.11 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Favicon Rotator = 1.2.11 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.6 views

CVE-2026-42639 WordPress GD Rating System plugin <= 3.6.2 - SQL Injection vulnerability

Unauthenticated SQL Injection in GD Rating System = 3.6.2 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.17 views

CVE-2026-42411

CVE-2026-42411 affects the WordPress CloudSecure WP Security plugin (versions

8.1CVSS5.2AI score0.00405EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.6 views

CVE-2026-42411 WordPress CloudSecure WP Security plugin <= 1.4.7 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in CloudSecure WP Security = 1.4.7 versions...

8.1CVSS5.2AI score0.00405EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.28 views

CVE-2026-42411 WordPress CloudSecure WP Security plugin <= 1.4.7 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in CloudSecure WP Security = 1.4.7 versions...

8.1CVSS0.00405EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.31 views

CVE-2026-42386 WordPress Order Delivery Date for WooCommerce plugin <= 4.5.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in Order Delivery Date for WooCommerce = 4.5.1 versions...

9.3CVSS0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.6 views

CVE-2026-42386 WordPress Order Delivery Date for WooCommerce plugin <= 4.5.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in Order Delivery Date for WooCommerce = 4.5.1 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.21 views

CVE-2026-42384

CVE-2026-42384 concerns the WordPress plugin “Simply Schedule Appointments” (versions prior to 1.6.11.2). The entry documents an unauthenticated, sensitive data exposure vulnerability affecting this plugin. The vulnerability is described as exposing sensitive data without authentication, with a C...

7.5CVSS5.2AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:18 p.m.7 views

EUVD-2026-36810

Subscriber Broken Authentication in WP Full Stripe Free = 8.4.1 versions...

6.5CVSS5.2AI score0.0039EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.27 views

CVE-2026-40799 WordPress Simple Cloudflare Turnstile plugin <= 1.38.0 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in Simple Cloudflare Turnstile = 1.38.0 versions...

5.3CVSS0.00309EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.11 views

CVE-2026-40794

The CVE concerns WordPress plugin myCred ≤ 3.0.3 with a Broken Access Control vulnerability. Affected software: WordPress plugin myCred (versions up to 3.0.3). The provided sources identify the issue but do not disclose the exact root cause, affected functions/files, or concrete impact details be...

6.5CVSS5.1AI score0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.7 views

CVE-2026-40795 WordPress Amelia plugin <= 2.2 - Broken Access Control vulnerability

Subscriber Broken Access Control in Amelia = 2.2 versions...

6.5CVSS5.1AI score0.00271EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.21 views

CVE-2026-40793

CVE-2026-40793 concerns the WordPress Groundhogg plugin (versions earlier than 4.4.1) with a Broken Access Control vulnerability. The public description identifies the issue as a subscriber-level access control flaw in Groundhogg &lt; 4.4.1. The connected documents corroborate that the vulnerabil...

6.5CVSS5.1AI score0.00279EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.10 views

CVE-2026-40787

The vulnerability concerns the WordPress Quiz And Survey Master plugin (versions ≤ 11.0.0). It is an unauthenticated Cross Site Scripting (XSS) flaw identified in these releases. The connected sources confirm the affected product and the XSS impact but do not specify the exact root cause, vulnera...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
Rows per page
Query Builder