263149 matches found
CVE-2026-40799
CVE-2026-40799 affects the WordPress plugin Simple Cloudflare Turnstile (versions
CVE-2026-40798
WPForo Forum plugin for WordPress <= 3.0.4 is affected by an unauthenticated SQL injection vulnerability. The CVE entry cites unauthenticated SQL Injection in wpForo Forum <= 3.0.4, with CVSSv3.1 base score 9.3 (CRITICAL) and impact TIC: Confidentiality High, Availability Low, no privileges...
CVE-2026-40796 WordPress WPPizza plugin <= 3.19.9 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in WPPizza = 3.19.9 versions...
CVE-2026-40796
CVE-2026-40796 affects WordPress WPPizza plugin versions
CVE-2026-40794 WordPress myCred plugin <= 3.0.3 - Broken Access Control vulnerability
Subscriber Broken Access Control in myCred = 3.0.3 versions...
CVE-2026-40795 WordPress Amelia plugin <= 2.2 - Broken Access Control vulnerability
Subscriber Broken Access Control in Amelia = 2.2 versions...
CVE-2026-40794 WordPress myCred plugin <= 3.0.3 - Broken Access Control vulnerability
Subscriber Broken Access Control in myCred = 3.0.3 versions...
CVE-2026-40795 WordPress Amelia plugin <= 2.2 - Broken Access Control vulnerability
Subscriber Broken Access Control in Amelia = 2.2 versions...
CVE-2026-40794
The CVE concerns WordPress plugin myCred ≤ 3.0.3 with a Broken Access Control vulnerability. Affected software: WordPress plugin myCred (versions up to 3.0.3). The provided sources identify the issue but do not disclose the exact root cause, affected functions/files, or concrete impact details be...
CVE-2026-40793 WordPress Groundhogg plugin < 4.4.1 - Broken Access Control vulnerability
Subscriber Broken Access Control in Groundhogg 4.4.1 versions...
CVE-2026-40793
CVE-2026-40793 concerns the WordPress Groundhogg plugin (versions earlier than 4.4.1) with a Broken Access Control vulnerability. The public description identifies the issue as a subscriber-level access control flaw in Groundhogg < 4.4.1. The connected documents corroborate that the vulnerabil...
CVE-2026-40793 WordPress Groundhogg plugin < 4.4.1 - Broken Access Control vulnerability
Subscriber Broken Access Control in Groundhogg 4.4.1 versions...
CVE-2026-40791 WordPress WP Time Slots Booking Form plugin <= 1.2.46 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in WP Time Slots Booking Form = 1.2.46 versions...
CVE-2026-40792 WordPress KiviCare plugin <= 4.2.1 - Insecure Direct Object References (IDOR) vulnerability
Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...
CVE-2026-40791 WordPress WP Time Slots Booking Form plugin <= 1.2.46 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in WP Time Slots Booking Form = 1.2.46 versions...
CVE-2026-40792 WordPress KiviCare plugin <= 4.2.1 - Insecure Direct Object References (IDOR) vulnerability
Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...
CVE-2026-40792
The vulnerability concerns the WordPress KiviCare plugin (versions
CVE-2026-40791
CVE-2026-40791 affects the WordPress plugin WP Time Slots Booking Form (versions
CVE-2026-40790 WordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...
CVE-2026-40790 WordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...