CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

263084 matches found

Vulnrichment•added 3 days ago•5 views

CVE-2026-49061 WordPress WPC Product Options for WooCommerce plugin <= 3.2.1 - Arbitrary File Download vulnerability

Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce = 3.2.1 versions...

7.5CVSS5.2AI score0.00373EPSS

Exploits0References1

Cvelist•added 3 days ago•23 views

CVE-2026-49063 WordPress Listdom plugin <= 5.5.0 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in Listdom = 5.5.0 versions...

7.3CVSS0.00219EPSS

Exploits0References1

Cvelist•added 3 days ago•24 views

CVE-2026-49061 WordPress WPC Product Options for WooCommerce plugin <= 3.2.1 - Arbitrary File Download vulnerability

Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce = 3.2.1 versions...

7.5CVSS0.00373EPSS

Exploits0References1

CVE•added 3 days ago•8 views

CVE-2026-49063

The CVE-2026-49063 entry concerns the WordPress Listdom plugin, versions up to 5.5.0, with an Unauthenticated Privilege Escalation vulnerability. The connected documents confirm the affected product (Listdom), the vulnerable versions (

7.3CVSS5.2AI score0.00219EPSS

Exploits0References1

CVE•added 3 days ago•13 views

CVE-2026-49061

CVE-2026-49061 : Unauthenticated arbitrary file download in the WordPress plugin WPC Product Options for WooCommerce (versions

7.5CVSS5.2AI score0.00373EPSS

Exploits0References1

Vulnrichment•added 3 days ago•3 views

CVE-2026-49056 WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.9.4 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...

7.5CVSS5.2AI score0.00294EPSS

Exploits0References1

CVE•added 3 days ago•10 views

CVE-2026-49056

CVE-2026-49056 concerns the WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin, versions

7.5CVSS5.2AI score0.00294EPSS

Exploits0References1

Vulnrichment•added 3 days ago•4 views

CVE-2026-49055 WordPress Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.9.7 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Drag and Drop Multiple File Upload – Contact Form 7 = 1.3.9.7 versions...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

EUVD•added 3 days ago•3 views

EUVD-2026-36867

Unauthenticated Cross Site Request Forgery CSRF in WP Migrate Lite = 2.7.8 versions...

4.7CVSS5.2AI score0.00119EPSS

Exploits0References1

Cvelist•added 3 days ago•24 views

CVE-2026-49043 WordPress WP Migrate Lite plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in WP Migrate Lite = 2.7.8 versions...

4.7CVSS0.00119EPSS

Exploits0References1

Vulnrichment•added 3 days ago•3 views

CVE-2026-49043 WordPress WP Migrate Lite plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in WP Migrate Lite = 2.7.8 versions...

4.7CVSS5.2AI score0.00119EPSS

Exploits0References1

Cvelist•added 3 days ago•25 views

CVE-2026-49055 WordPress Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.9.7 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Drag and Drop Multiple File Upload – Contact Form 7 = 1.3.9.7 versions...

7.1CVSS0.00175EPSS

Exploits0References1

CVE•added 3 days ago•12 views

CVE-2026-49055

WordPress plugin Drag and Drop Multiple File Upload – Contact Form 7 (versions

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

CVE•added 3 days ago•10 views

CVE-2026-49043

The CVE-2026-49043 entry concerns the WordPress WP Migrate Lite plugin, versions <= 2.7.8, with an unauthenticated Cross Site Request Forgery (CSRF) vulnerability. According to the connected data, the issue is attributed to CSRF within WP Migrate Lite (

4.7CVSS5.2AI score0.00119EPSS

Exploits0References1

Cvelist•added 3 days ago•27 views

CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

8.1CVSS0.00322EPSS

Exploits0References1

Vulnrichment•added 3 days ago•4 views

CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

8.1CVSS5.2AI score0.00322EPSS

Exploits0References1

CVE•added 3 days ago•13 views

CVE-2026-48970

The CVE affects WordPress the Really Simple SSL plugin (versions

8.1CVSS5.2AI score0.00322EPSS

Exploits0References1

Cvelist•added 3 days ago•24 views

CVE-2026-48965 WordPress XCloner plugin <= 4.8.6 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in XCloner = 4.8.6 versions...

6.5CVSS0.00326EPSS

Exploits0References1

Cvelist•added 3 days ago•23 views

CVE-2026-48966 WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Funnel Builder by FunnelKit = 3.15.0.2 versions...

7.1CVSS0.00175EPSS

Exploits0References1

Vulnrichment•added 3 days ago•4 views

CVE-2026-48966 WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Funnel Builder by FunnelKit = 3.15.0.2 versions...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by