Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

263170 matches found

Cvelist
Cvelistadded 4 days ago25 views

CVE-2026-39503 WordPress Easy Digital Downloads plugin <= 3.6.5 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Easy Digital Downloads = 3.6.5 versions...

7.5CVSS0.00246EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago23 views

CVE-2026-39507 WordPress Social Slider Feed plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Social Slider Feed = 2.3.2 versions...

7.1CVSS0.00175EPSS
Exploits0References1
CVE
CVEadded 4 days ago11 views

CVE-2026-39502

This CVE concerns the WordPress plugin Form Maker by 10Web (versions &lt;= 1.15.38). The issue is described as an Unauthenticated SQL Injection vulnerability in Form Maker by 10Web

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 4 days ago4 views

CVE-2026-39502 WordPress Form Maker by 10Web plugin <= 1.15.38 - SQL Injection vulnerability

Unauthenticated SQL Injection in Form Maker by 10Web = 1.15.38 versions...

9.3CVSS5.8AI score0.00283EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago23 views

CVE-2026-39502 WordPress Form Maker by 10Web plugin <= 1.15.38 - SQL Injection vulnerability

Unauthenticated SQL Injection in Form Maker by 10Web = 1.15.38 versions...

9.3CVSS0.00283EPSS
Exploits0References1
CVE
CVEadded 4 days ago8 views

CVE-2026-39498

The Connected document identifies CVE-2026-39498-related details: a PHP Object Injection vulnerability in the WordPress YayMail plugin , affecting versions ≤ 4.3.3 and discovered by daroo . No additional root-cause, impact, exploit, or remediation details are provided in the sources. Monitor for ...

7.2CVSS5.3AI score0.00359EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago22 views

CVE-2026-39498 WordPress YayMail plugin <= 4.3.3 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in YayMail = 4.3.3 versions...

7.2CVSS0.00359EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago24 views

CVE-2026-39499 WordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.19 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in Advanced Product Fields Product Addons for WooCommerce = 1.6.19 versions...

7.2CVSS0.00446EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago24 views

CVE-2026-39492 WordPress WP Maps plugin <= 4.9.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in WP Maps = 4.9.1 versions...

9.3CVSS0.00363EPSS
Exploits0References1
CVE
CVEadded 4 days ago4 views

CVE-2026-39493

CVE-2026-39493 : The WordPress plugin Simply Schedule Appointments (versions

9.3CVSS5.7AI score0.00363EPSS
Exploits0References1
CVE
CVEadded 4 days ago5 views

CVE-2026-39492

The CVE records an unauthenticated SQL Injection in WordPress WP Maps plugin

9.3CVSS5.7AI score0.00363EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago24 views

CVE-2026-39493 WordPress Simply Schedule Appointments plugin <= 1.6.9.27 - SQL Injection vulnerability

Unauthenticated SQL Injection in Simply Schedule Appointments = 1.6.9.27 versions...

9.3CVSS0.00363EPSS
Exploits0References1
CVE
CVEadded 4 days ago3 views

CVE-2026-39491

CVE-2026-39491 affects the WordPress JupiterX Core plugin (versions

6.5CVSS5.1AI score0.00229EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago23 views

CVE-2026-39491 WordPress JupiterX Core plugin <= 4.14.1 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in JupiterX Core = 4.14.1 versions...

6.5CVSS0.00229EPSS
Exploits0References1
CVE
CVEadded 4 days ago6 views

CVE-2026-39481

CVE-2026-39481 affects the WordPress plugin Modula Image Gallery (versions up to 2.14.18). The issue is described as a PHP Object Injection vulnerability in the plugin, with the author component cited in the initial description. Providing concrete exploit details, affected files, or remediation s...

7.2CVSS5.3AI score0.00446EPSS
Exploits0References1
CVE
CVEadded 4 days ago5 views

CVE-2026-39489

The CVE-2026-39489 entry details a vulnerability in WordPress Download Monitor plugin versions

4.4CVSS5.2AI score0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 4 days ago4 views

CVE-2026-39489 WordPress Download Monitor plugin <= 5.1.9 - Non-Arbitrary File Download vulnerability

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS5.2AI score0.00337EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago23 views

CVE-2026-39489 WordPress Download Monitor plugin <= 5.1.9 - Non-Arbitrary File Download vulnerability

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS0.00337EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago25 views

CVE-2026-39481 WordPress Modula Image Gallery plugin <= 2.14.18 - PHP Object Injection vulnerability

Author PHP Object Injection in Modula Image Gallery = 2.14.18 versions...

7.2CVSS0.00446EPSS
Exploits0References1
CVE
CVEadded 4 days ago9 views

CVE-2026-39480

CVE-2026-39480 affects the WordPress plugin Backup Migration (versions

7.5CVSS5.2AI score0.00376EPSS
Exploits0References1
Rows per page
Query Builder