CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

263100 matches found

EUVD•added 3 days ago•5 views

EUVD-2026-36863

Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System = 3.3.6 versions...

8.5CVSS5.7AI score0.00332EPSS

Exploits0References1

CVE•added 3 days ago•12 views

CVE-2026-48964

CVE-2026-48964 affects the WordPress ELEX HelpDesk & Customer Ticketing System plugin (versions

8.5CVSS5.7AI score0.00332EPSS

Exploits0References1

Cvelist•added 3 days ago•24 views

CVE-2026-48964 WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.6 - SQL Injection vulnerability

Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System = 3.3.6 versions...

8.5CVSS0.00332EPSS

Exploits0References1

Vulnrichment•added 3 days ago•3 views

CVE-2026-48889 WordPress Amelia plugin <= 2.3 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in Amelia = 2.3 versions...

8.8CVSS5.2AI score0.00378EPSS

Exploits0References1

Vulnrichment•added 3 days ago•4 views

CVE-2026-48887 WordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...

6.5CVSS5.1AI score0.00235EPSS

Exploits0References1

Cvelist•added 3 days ago•22 views

CVE-2026-48887 WordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...

6.5CVSS0.00235EPSS

Exploits0References1

Cvelist•added 3 days ago•24 views

CVE-2026-48889 WordPress Amelia plugin <= 2.3 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in Amelia = 2.3 versions...

8.8CVSS0.00378EPSS

Exploits0References1

CVE•added 3 days ago•7 views

CVE-2026-48887

CVE-2026-48887 affects the WordPress JS Help Desk plugin ≤ 3.0.9 with an unauthenticated Broken Access Control flaw. Documents note unauthorized access control weakness but do not provide root cause details or a stated remediation; Patchstack is cited as the source. Exploitation status is not des...

6.5CVSS5.1AI score0.00235EPSS

Exploits0References1

CVE•added 3 days ago•17 views

CVE-2026-48889

The CVE-2026-48889 entry concerns the WordPress Amelia plugin (versions <= 2.3) with a privilege escalation vulnerability affecting subscribers. The attached metrics indicate a high severity (CVSS v3.1 base score 8.8) with network attack vector, low attack complexity, and privileges required a...

8.8CVSS5.2AI score0.00378EPSS

Exploits0References1

Cvelist•added 3 days ago•22 views

CVE-2026-48886 WordPress JS Help Desk plugin <= 3.0.9 - SQL Injection vulnerability

Unauthenticated SQL Injection in JS Help Desk = 3.0.9 versions...

9.3CVSS0.00283EPSS

Exploits0References1

Vulnrichment•added 3 days ago•4 views

CVE-2026-48886 WordPress JS Help Desk plugin <= 3.0.9 - SQL Injection vulnerability

Unauthenticated SQL Injection in JS Help Desk = 3.0.9 versions...

9.3CVSS5.7AI score0.00283EPSS

Exploits0References1

CVE•added 3 days ago•11 views

CVE-2026-48886

The CVE-2026-48886 entry describes an unauthenticated SQL Injection in WordPress JS Help Desk plugin versions

9.3CVSS5.7AI score0.00283EPSS

Exploits0References1

Cvelist•added 3 days ago•22 views

CVE-2026-48883 WordPress WPC Product Bundles for WooCommerce plugin <= 8.5.3 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...

7.5CVSS0.00238EPSS

Exploits0References1

Cvelist•added 3 days ago•23 views

CVE-2026-48885 WordPress HollerBox plugin <= 2.3.10.1 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in HollerBox = 2.3.10.1 versions...

7.1CVSS0.00175EPSS

Exploits0References1

Vulnrichment•added 3 days ago•4 views

CVE-2026-48883 WordPress WPC Product Bundles for WooCommerce plugin <= 8.5.3 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...

7.5CVSS5.2AI score0.00238EPSS

Exploits0References1

CVE•added 3 days ago•9 views

CVE-2026-48885

CVE-2026-48885 concerns a Cross-Site Scripting (XSS) vulnerability in the WordPress HollerBox plugin for versions ≤ 2.3.10.1. The issue is described as unauthenticated XSS. The PatchStack entry assigns a CVSS v3.1 base score of 7.1 (HIGH), with network attack vector, no privileges required, user ...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

CVE•added 3 days ago•7 views

CVE-2026-48883

CVE-2026-48883 concerns the WordPress plugin WPC Product Bundles for WooCommerce (versions <= 8.5.3) with an Unauthenticated Broken Access Control vulnerability. The available references indicate unauthenticated access to restricted functionality, with CVSS 3.1 base score 7.5 (HIGH) and impact...

7.5CVSS5.1AI score0.00238EPSS

Exploits0References1

Vulnrichment•added 3 days ago•5 views

CVE-2026-48885 WordPress HollerBox plugin <= 2.3.10.1 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in HollerBox = 2.3.10.1 versions...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

Vulnrichment•added 3 days ago•4 views

CVE-2026-48882 WordPress WP Time Slots Booking Form plugin <= 1.2.50 - SQL Injection vulnerability

Subscriber SQL Injection in WP Time Slots Booking Form = 1.2.50 versions...

8.5CVSS5.7AI score0.00332EPSS

Exploits0References1