Lucene search
K

264901 matches found

CVE
CVE
added 2 days ago4 views

CVE-2026-57356

CVE-2026-57356 is an unauthenticated Cross Site Scripting (XSS) vulnerability affecting the WordPress MC Woocommerce Wishlist plugin version ≤ 1.9.19. The issue, identified in the CVE record, does not specify exploitation status or a confirmed fix within the provided documents. The CVSS base scor...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago36 views

CVE-2026-57355 WordPress Classified Listing plugin <= 5.4.2 - Broken Access Control vulnerability

Subscriber Broken Access Control in Classified Listing = 5.4.2 versions...

6.5CVSS0.00299EPSS
Exploits0References1
CVE
CVE
added 2 days ago5 views

CVE-2026-57355

The WordPress Classified Listing plugin ≤ 5.4.2 has a Broken Access Control vulnerability. Affected software: Classified Listing plugin for WordPress (versions ≤ 5.4.2). Root cause: insufficient access checks. Impact: according to CVSS 3.1 metrics (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) with a base...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-57354 WordPress JetReviews plugin <= 3.0.0.1 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in JetReviews = 3.0.0.1 versions...

6.5CVSS0.00224EPSS
Exploits0References1
CVE
CVE
added 2 days ago3 views

CVE-2026-57354

The CVE-2026-57354 entry describes a Subscriber Cross Site Scripting (XSS) vulnerability in the WordPress JetReviews plugin limited to versions

6.5CVSS5.8AI score0.00224EPSS
Exploits0References1
CVE
CVE
added 2 days ago8 views

CVE-2026-57353

The CVE concerns WordPress Link Whisper Premium plugin &lt;= 2.9.0 with a Broken Access Control issue. The accompanying CVSS data (Patchstack, v3.1) indicates an external attack over network, with low privileges and no user interaction, potentially affecting integrity (I: High) while confidential...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57353 WordPress Link Whisper Premium plugin <= 2.9.0 - Broken Access Control vulnerability

Subscriber Broken Access Control in Link Whisper Premium = 2.9.0 versions...

6.5CVSS0.00299EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57352 WordPress ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce plugin <= 2.2.0 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce = 2.2.0 versions...

4.8CVSS0.0021EPSS
Exploits0References1
CVE
CVE
added 2 days ago6 views

CVE-2026-57351

CVE-2026-57351 affects the WordPress plugin HandL UTM Grabber up to version 2.9.2, with an unauthenticated XSS vulnerability. The connected documents provide the vulnerability type and affected software but do not supply root cause specifics, exploit details, or a remediation. CVSS data (3.1) fro...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-57351 WordPress HandL UTM Grabber plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in HandL UTM Grabber = 2.9.2 versions...

7.1CVSS0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-57350 WordPress WP Debugging plugin <= 2.12.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WP Debugging = 2.12.2 versions...

7.1CVSS0.00191EPSS
Exploits0References1
CVE
CVE
added 2 days ago6 views

CVE-2026-57350

WP Debugging plugin for WordPress with versions ≤2.12.2 is affected by an unauthenticated Cross Site Scripting (XSS) vulnerability. The CVE entry specifies the vulnerable component as the WP Debugging plugin and lists CVSS v3.1 base score 7.1 (High) with Network attack vector, no privileges requi...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-41349

Unauthenticated Cross Site Scripting XSS in WP Debugging = 2.12.2 versions...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57349 WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.17 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WPeMatico RSS Feed Fetcher = 2.8.17 versions...

7.1CVSS0.00191EPSS
Exploits0References1
CVE
CVE
added 2 days ago6 views

CVE-2026-57348

CVE-2026-57348 affects WordPress plugin Paid Member Subscriptions (versions &lt;= 3.0.4). An unauthenticated server-side request forgery (SSRF) vulnerability exists in this plugin, enabling an attacker to induce the server to fetch arbitrary resources. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C...

7.2CVSS5.8AI score0.00203EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57348 WordPress Paid Member Subscriptions plugin <= 3.0.4 - Server Side Request Forgery (SSRF) vulnerability

Unauthenticated Server Side Request Forgery SSRF in Paid Member Subscriptions = 3.0.4 versions...

7.2CVSS0.00203EPSS
Exploits0References1
CVE
CVE
added 2 days ago8 views

CVE-2026-57349

CVE-2026-57349 affects the WordPress plugin WPeMatico RSS Feed Fetcher (versions

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2 days ago7 views

CVE-2026-57347

CVE-2026-57347 affects the WordPress plugin Hotel Booking Lite

6.5CVSS5.8AI score0.00371EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-57347 WordPress Hotel Booking Lite plugin <= 6.0.3 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Hotel Booking Lite = 6.0.3 versions...

6.5CVSS0.00371EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-57345 WordPress Internal Links Manager plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Internal Links Manager = 3.0.3 versions...

7.1CVSS0.00191EPSS
Exploits0References1
Rows per page
Query Builder