264901 matches found
CVE-2026-57356
CVE-2026-57356 is an unauthenticated Cross Site Scripting (XSS) vulnerability affecting the WordPress MC Woocommerce Wishlist plugin version ≤ 1.9.19. The issue, identified in the CVE record, does not specify exploitation status or a confirmed fix within the provided documents. The CVSS base scor...
CVE-2026-57355 WordPress Classified Listing plugin <= 5.4.2 - Broken Access Control vulnerability
Subscriber Broken Access Control in Classified Listing = 5.4.2 versions...
CVE-2026-57355
The WordPress Classified Listing plugin ≤ 5.4.2 has a Broken Access Control vulnerability. Affected software: Classified Listing plugin for WordPress (versions ≤ 5.4.2). Root cause: insufficient access checks. Impact: according to CVSS 3.1 metrics (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) with a base...
CVE-2026-57354 WordPress JetReviews plugin <= 3.0.0.1 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in JetReviews = 3.0.0.1 versions...
CVE-2026-57354
The CVE-2026-57354 entry describes a Subscriber Cross Site Scripting (XSS) vulnerability in the WordPress JetReviews plugin limited to versions
CVE-2026-57353
The CVE concerns WordPress Link Whisper Premium plugin <= 2.9.0 with a Broken Access Control issue. The accompanying CVSS data (Patchstack, v3.1) indicates an external attack over network, with low privileges and no user interaction, potentially affecting integrity (I: High) while confidential...
CVE-2026-57353 WordPress Link Whisper Premium plugin <= 2.9.0 - Broken Access Control vulnerability
Subscriber Broken Access Control in Link Whisper Premium = 2.9.0 versions...
CVE-2026-57352 WordPress ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce plugin <= 2.2.0 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce = 2.2.0 versions...
CVE-2026-57351
CVE-2026-57351 affects the WordPress plugin HandL UTM Grabber up to version 2.9.2, with an unauthenticated XSS vulnerability. The connected documents provide the vulnerability type and affected software but do not supply root cause specifics, exploit details, or a remediation. CVSS data (3.1) fro...
CVE-2026-57351 WordPress HandL UTM Grabber plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in HandL UTM Grabber = 2.9.2 versions...
CVE-2026-57350 WordPress WP Debugging plugin <= 2.12.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in WP Debugging = 2.12.2 versions...
CVE-2026-57350
WP Debugging plugin for WordPress with versions ≤2.12.2 is affected by an unauthenticated Cross Site Scripting (XSS) vulnerability. The CVE entry specifies the vulnerable component as the WP Debugging plugin and lists CVSS v3.1 base score 7.1 (High) with Network attack vector, no privileges requi...
EUVD-2026-41349
Unauthenticated Cross Site Scripting XSS in WP Debugging = 2.12.2 versions...
CVE-2026-57349 WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.17 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in WPeMatico RSS Feed Fetcher = 2.8.17 versions...
CVE-2026-57348
CVE-2026-57348 affects WordPress plugin Paid Member Subscriptions (versions <= 3.0.4). An unauthenticated server-side request forgery (SSRF) vulnerability exists in this plugin, enabling an attacker to induce the server to fetch arbitrary resources. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C...
CVE-2026-57348 WordPress Paid Member Subscriptions plugin <= 3.0.4 - Server Side Request Forgery (SSRF) vulnerability
Unauthenticated Server Side Request Forgery SSRF in Paid Member Subscriptions = 3.0.4 versions...
CVE-2026-57349
CVE-2026-57349 affects the WordPress plugin WPeMatico RSS Feed Fetcher (versions
CVE-2026-57347
CVE-2026-57347 affects the WordPress plugin Hotel Booking Lite
CVE-2026-57347 WordPress Hotel Booking Lite plugin <= 6.0.3 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in Hotel Booking Lite = 6.0.3 versions...
CVE-2026-57345 WordPress Internal Links Manager plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Internal Links Manager = 3.0.3 versions...