CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The CVE-2026-48878 entry describes a Sensitive Data Exposure vulnerability in the WordPress Visual Link Preview plugin up to version 2.4.1. Affected software: WordPress Visual Link Preview plugin (versions

6.5CVSS5.2AI score0.00345EPSS

Exploits0References1

Cvelist•added 3 days ago•25 views

CVE-2026-48874 WordPress GamiPress plugin <= 7.8.7 - SQL Injection vulnerability

Subscriber SQL Injection in GamiPress = 7.8.7 versions...

8.5CVSS0.00332EPSS

Exploits0References1

CVE•added 3 days ago•11 views

CVE-2026-48874

The CVE documents an SQL Injection in WordPress GamiPress plugin versions

8.5CVSS5.7AI score0.00332EPSS

Exploits0References1

Vulnrichment•added 3 days ago•5 views

CVE-2026-48874 WordPress GamiPress plugin <= 7.8.7 - SQL Injection vulnerability

Subscriber SQL Injection in GamiPress = 7.8.7 versions...

8.5CVSS5.7AI score0.00332EPSS

Exploits0References1

Cvelist•added 3 days ago•24 views

CVE-2026-48873 WordPress Montonio for WooCommerce plugin <= 10.1.2 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Montonio for WooCommerce = 10.1.2 versions...

7.5CVSS0.00238EPSS

Exploits0References1

Cvelist•added 3 days ago•23 views

CVE-2026-48872 WordPress EmbedPress plugin <= 4.5.2 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in EmbedPress = 4.5.2 versions...

7.5CVSS0.00278EPSS

Exploits0References1

CVE•added 3 days ago•17 views

CVE-2026-48872

CVE-2026-48872 relates to the WordPress WordPress EmbedPress plugin (versions

7.5CVSS5.2AI score0.00278EPSS

Exploits0References1

CVE•added 3 days ago•14 views

CVE-2026-48873

CVE-2026-48873 affects the WordPress plugin Montonio for WooCommerce (versions ≤ 10.1.2). The issue is Unauthenticated Broken Access Control in this plugin, allowing unauthenticated access to protected functionality (impact: high integrity impact; confidentiality/availability not affected per the...

7.5CVSS5.1AI score0.00238EPSS

Exploits0References1

CVE•added 3 days ago•23 views

CVE-2026-48871

The MW WP Form WordPress plugin, versions ≤ 5.1.3, has an unauthenticated Cross Site Scripting (XSS) vulnerability. The provided documents do not specify the exact vulnerable component, root cause, exploit details, or a remediation version. Exploitation status is not described. Monitor Patchstack...

7.1CVSS5.1AI score0.00244EPSS

Exploits0References1

Cvelist•added 3 days ago•25 views

CVE-2026-48871 WordPress MW WP Form plugin <= 5.1.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in MW WP Form = 5.1.3 versions...

7.1CVSS0.00244EPSS

Exploits0References1

Cvelist•added 3 days ago•23 views

CVE-2026-48868 WordPress Simple Shopping Cart plugin <= 5.2.9 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...

7.5CVSS0.00278EPSS

Exploits0References1

Cvelist•added 3 days ago•24 views

CVE-2026-48870 WordPress King Addons for Elementor plugin <= 51.1.62 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in King Addons for Elementor = 51.1.62 versions...

6.5CVSS0.00205EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by