CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

83594 matches found

CVE•added 2 days ago•8 views

CVE-2026-57637

CVE-2026-57637 applies to the WordPress Abandoned Cart Lite for WooCommerce plugin (versions

4.3CVSS5.8AI score0.00107EPSS

Exploits0References1

Cvelist•added 2 days ago•33 views

CVE-2026-57637 WordPress Abandoned Cart Lite for WooCommerce plugin <= 6.8.0 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Abandoned Cart Lite for WooCommerce = 6.8.0 versions...

4.3CVSS0.00107EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2026-57633 WordPress WCBoost – Products Compare plugin <= 1.1.0 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...

5.3CVSS0.0024EPSS

Exploits0References1

Cvelist•added 2 days ago•30 views

CVE-2026-57634 WordPress PPWP plugin <= 1.9.19 - Insecure Direct Object References (IDOR) vulnerability

Contributor Insecure Direct Object References IDOR in PPWP = 1.9.19 versions...

4.3CVSS0.00185EPSS

Exploits0References1

Cvelist•added 2 days ago•35 views

CVE-2026-57630 WordPress Blocksy Companion Pro plugin <= 2.1.46 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Blocksy Companion Pro = 2.1.46 versions...

5.3CVSS0.00228EPSS

Exploits0References1

CVE•added 2 days ago•12 views

CVE-2026-57622

CVE-2026-57622 affects the WordPress WPCafe plugin, versions

4.3CVSS5.8AI score0.00259EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2026-57323 WordPress Flash & HTML5 Video plugin <= 2.11.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Flash & HTML5 Video = 2.11.0 versions...

5.8CVSS0.00228EPSS

Exploits0References1

CVE•added 2 days ago•5 views

CVE-2026-57323

The CVE-2026-57323 entry concerns the WordPress Flash & HTML5 Video plugin (versions <= 2.11.0). Affected component: the Flash & HTML5 Video functionality within the WordPress plugin. Root cause: Unauthenticated Broken Access Control, enabling access to resources without authentication. Impact...

5.8CVSS5.8AI score0.00228EPSS

Exploits0References1

CVE•added 2 days ago•7 views

CVE-2026-57317

CVE-2026-57317 affects the WordPress plugin Simply Schedule Appointments (versions

7.1CVSS5.8AI score0.0018EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2026-57317 WordPress Simply Schedule Appointments plugin <= 1.6.12.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.12.2 versions...

7.1CVSS0.0018EPSS

Exploits0References1

CVE•added 2 days ago•8 views

CVE-2026-56070

WordPress Advance Product Search plugin (

9.3CVSS5.8AI score0.00236EPSS

Exploits0References1

CVE•added 2 days ago•6 views

CVE-2026-56066

CVE-2026-56066 affects the WordPress ShortPixel Adaptive Images plugin up to version 3.11.4, describing an unauthenticated Arbitrary File Deletion vulnerability. The connected records confirm the affected product and the nature of the issue but do not provide details on attack vectors, root cause...

5.8CVSS5.8AI score0.00346EPSS

Exploits0References1

Cvelist•added 2 days ago•30 views

CVE-2026-56066 WordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...

5.8CVSS0.00346EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2026-56063 WordPress MailChimp Block plugin <= 1.1.15 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in MailChimp Block = 1.1.15 versions...

8.3CVSS0.00178EPSS

Exploits0References1

Cvelist•added 2 days ago•36 views

CVE-2026-56062 WordPress Quotes llama plugin <= 3.1.5 - SQL Injection vulnerability

Unauthenticated SQL Injection in Quotes llama = 3.1.5 versions...

9.3CVSS0.00236EPSS

Exploits0References1

CVE•added 2 days ago•6 views

CVE-2026-56060

The CVE concerns the WordPress plugin Print Invoice & Delivery Notes for WooCommerce . Affected: WooCommerce plugin versions up to and including 7.1.1 . Vulnerability: Unauthenticated Sensitive Data Exposure when generating prints for invoices and delivery notes, allowing access to confidential d...

7.5CVSS5.8AI score0.00303EPSS

Exploits0References1

Cvelist•added 2 days ago•33 views

CVE-2026-56060 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 7.1.1 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...

7.5CVSS0.00303EPSS

Exploits0References1

CVE•added 2 days ago•7 views

CVE-2026-56048

Summary: CVE-2026-56048 concerns the WordPress plugin “Payment Gateway Based Fees and Discounts for WooCommerce” (versions ≤ 3.0.0). The vulnerability is described as an unauthenticated insecure direct object reference (IDOR). The connected documents confirm the affected product and root cause (I...

6.5CVSS5.8AI score0.00242EPSS

Exploits0References1

CVE•added 2 days ago•4 views

CVE-2026-56045

The CVE-2026-56045 entry applies to the WordPress Automatic plugin versions earlier than 3.135.1, with an unauthenticated Cross Site Scripting (XSS) vulnerability. Affected software: WordPress Automatic plugin (

7.1CVSS5.8AI score0.0018EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2026-56044 WordPress Blog2Social plugin <= 8.9.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Blog2Social = 8.9.2 versions...

7.1CVSS0.0018EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by