CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2026-39481 affects the WordPress plugin Modula Image Gallery (versions up to 2.14.18). The issue is described as a PHP Object Injection vulnerability in the plugin, with the author component cited in the initial description. Providing concrete exploit details, affected files, or remediation s...

7.2CVSS5.3AI score0.00446EPSS

Exploits0References1

CVE•added 4 days ago•5 views

CVE-2026-39489

The CVE-2026-39489 entry details a vulnerability in WordPress Download Monitor plugin versions

4.4CVSS5.2AI score0.00337EPSS

Exploits0References1

Vulnrichment•added 4 days ago•4 views

CVE-2026-39489 WordPress Download Monitor plugin <= 5.1.9 - Non-Arbitrary File Download vulnerability

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS5.2AI score0.00337EPSS

Exploits0References1

Cvelist•added 4 days ago•23 views

CVE-2026-39489 WordPress Download Monitor plugin <= 5.1.9 - Non-Arbitrary File Download vulnerability

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS0.00337EPSS

Exploits0References1

Cvelist•added 4 days ago•25 views

CVE-2026-39481 WordPress Modula Image Gallery plugin <= 2.14.18 - PHP Object Injection vulnerability

Author PHP Object Injection in Modula Image Gallery = 2.14.18 versions...

7.2CVSS0.00446EPSS

Exploits0References1

CVE•added 4 days ago•9 views

CVE-2026-39480

CVE-2026-39480 affects the WordPress plugin Backup Migration (versions

7.5CVSS5.2AI score0.00376EPSS

Exploits0References1

Cvelist•added 4 days ago•23 views

CVE-2026-39480 WordPress Backup Migration plugin <= 2.1.1 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Backup Migration = 2.1.1 versions...

7.5CVSS0.00376EPSS

Exploits0References1

Cvelist•added 4 days ago•24 views

CVE-2026-39478 WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.23.87 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...

8.8CVSS0.00428EPSS

Exploits0References1

Cvelist•added 4 days ago•24 views

CVE-2026-39474 WordPress Post Duplicator plugin <= 3.0.10 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Post Duplicator = 3.0.10 versions...

8.8CVSS0.00428EPSS

Exploits0References1

CVE•added 4 days ago•5 views

CVE-2026-39474

The CVE CVE-2026-39474 concerns the WordPress Post Duplicator plugin (versions

8.8CVSS5.3AI score0.00428EPSS

Exploits0References1

CVE•added 4 days ago•9 views

CVE-2026-39478

CVE-2026-39478 concerns the WordPress plugin “Anti-Malware Security and Brute-Force Firewall” (versions

8.8CVSS5.3AI score0.00428EPSS

Exploits0References1

CVE•added 4 days ago•12 views

CVE-2026-39472

The CVE-2026-39472 affects the WordPress WooCommerce PDF Invoices & Packing Slips plugin prior to version 5.9.0, where a PHP Object Injection vulnerability was reported affecting shop manager operations. The root cause is a PHP Object Injection flaw in this plugin version, with CVSS 3.1 base metr...

7.2CVSS5.3AI score0.00446EPSS

Exploits0References1

Cvelist•added 4 days ago•24 views

CVE-2026-39472 WordPress WooCommerce PDF Invoices & Packing Slips plugin < 5.9.0 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips 5.9.0 versions...

7.2CVSS0.00446EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by