263148 matches found
CVE-2026-42656 WordPress Contest Gallery plugin <= 28.1.6 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in Contest Gallery = 28.1.6 versions...
CVE-2026-42655 WordPress Best Payments Plugin for WP plugin <= 4.6.19 - Payment Bypass vulnerability
Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...
CVE-2026-42655 WordPress Best Payments Plugin for WP plugin <= 4.6.19 - Payment Bypass vulnerability
Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...
EUVD-2026-36820
Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...
CVE-2026-42655
CVE-2026-42655 affects the WordPress plugin “Best Payments Plugin for WP” (versions ≤ 4.6.19). The vulnerability is an unauthenticated payment bypass (unvalidated access) in the plugin, enabling bypass without credentials. CVSS‑3.1 base score 5.9 (MEDIUM) with attack vector Network, attack comple...
CVE-2026-42651 WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability
Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...
CVE-2026-42650 WordPress AutomatorWP plugin <= 5.6.7 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in AutomatorWP = 5.6.7 versions...
CVE-2026-42651 WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability
Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...
CVE-2026-42651
CVE-2026-42651 affects the WordPress Classified Listing plugin (versions
CVE-2026-42650
The CVE-2026-42650 entry concerns the WordPress AutomatorWP plugin (versions
CVE-2026-42650 WordPress AutomatorWP plugin <= 5.6.7 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in AutomatorWP = 5.6.7 versions...
CVE-2026-42649 WordPress Favicon Rotator plugin <= 1.2.11 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Favicon Rotator = 1.2.11 versions...
CVE-2026-42649 WordPress Favicon Rotator plugin <= 1.2.11 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Favicon Rotator = 1.2.11 versions...
CVE-2026-42649
CVE-2026-42649 concerns the WordPress plugin Favicon Rotator (versions
CVE-2026-42639 WordPress GD Rating System plugin <= 3.6.2 - SQL Injection vulnerability
Unauthenticated SQL Injection in GD Rating System = 3.6.2 versions...
CVE-2026-42639 WordPress GD Rating System plugin <= 3.6.2 - SQL Injection vulnerability
Unauthenticated SQL Injection in GD Rating System = 3.6.2 versions...
CVE-2026-42640 WordPress Classified Listing plugin <= 5.3.8 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...
CVE-2026-42640 WordPress Classified Listing plugin <= 5.3.8 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...
CVE-2026-42640
WordPress Classified Listing plugin vulnerable to Unauthenticated Broken Access Control in versions <= 5.3.8. Affected software: WordPress Classified Listing plugin (
CVE-2026-42639
CVE-2026-42639 concerns the WordPress plugin GD Rating System (versions