Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

263183 matches found

Cvelist
Cvelistadded 4 days ago22 views

CVE-2026-39435 WordPress CformsII plugin <= 15.1.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in CformsII = 15.1.3 versions...

7.1CVSS0.00175EPSS
Exploits0References1
CVE
CVEadded 4 days ago4 views

CVE-2026-39441

CVE-2026-39441 affects the WordPress plugin Feed KuantoKusta for WooCommerce – Free, version

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
CVE
CVEadded 4 days ago10 views

CVE-2026-39435

CVE-2026-39435 affects WordPress CformsII plugin versions

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago24 views

CVE-2026-39441 WordPress Feed KuantoKusta for WooCommerce – Free plugin <= 5.3 - SQL Injection vulnerability

Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free = 5.3 versions...

9.3CVSS0.00283EPSS
Exploits0References1
CVE
CVEadded 4 days ago4 views

CVE-2026-34902

CVE-2026-34902 describes an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress plugin “WooCommerce Product Table Lite” up to version 4.6.3. The issue affects the plugin’s handling of input in the product table rendering, enabling XSS payloads to be executed in contexts wher...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago23 views

CVE-2026-39434 WordPress CTX Feed plugin <= 6.6.26 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in CTX Feed = 6.6.26 versions...

7.2CVSS0.00446EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 4 days ago4 views

CVE-2026-34902 WordPress WooCommerce Product Table Lite plugin <= 4.6.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WooCommerce Product Table Lite = 4.6.3 versions...

7.1CVSS5.2AI score0.00175EPSS
Exploits0References1
CVE
CVEadded 4 days ago12 views

CVE-2026-39434

CVE-2026-39434 affects WordPress CTX Feed plugin (WebAppick CTX Feed) versions

7.2CVSS5.3AI score0.00446EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago26 views

CVE-2026-34902 WordPress WooCommerce Product Table Lite plugin <= 4.6.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WooCommerce Product Table Lite = 4.6.3 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago22 views

CVE-2026-34901 WordPress iControlWP plugin <= 5.5.3 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in iControlWP = 5.5.3 versions...

9.8CVSS0.00321EPSS
Exploits0References1
CVE
CVEadded 4 days ago8 views

CVE-2026-34901

CVE-2026-34901 affects WordPress iControlWP plugin,

9.8CVSS5.2AI score0.00321EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago22 views

CVE-2026-34898 WordPress Event Tickets Manager for WooCommerce plugin <= 1.5.3 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce = 1.5.3 versions...

7.5CVSS0.00246EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago25 views

CVE-2026-34900 WordPress GiveWP plugin <= 4.14.2 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in GiveWP = 4.14.2 versions...

7.1CVSS0.00175EPSS
Exploits0References1
CVE
CVEadded 4 days ago4 views

CVE-2026-34898

The CVE-2026-34898 entry concerns the WordPress plugin “Event Tickets Manager for WooCommerce” (versions &lt;= 1.5.3). It describes Unauthenticated Broken Access Control, with CVSS v3.1 base metrics: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N, base score 7.5 (HIGH). The vulnerability impacts integrity (...

7.5CVSS5.1AI score0.00246EPSS
Exploits0References1
CVE
CVEadded 4 days ago9 views

CVE-2026-34900

CVE-2026-34900 concerns the WordPress GiveWP plugin up to version 4.14.2, with an Unauthenticated Reflected Cross Site Scripting (XSS) vulnerability reported. The connected Patchstack entry confirms the affected product and vulnerability type (Reflected XSS) but does not provide specific exploit ...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago22 views

CVE-2026-34892 WordPress Rank Math SEO plugin <= 1.0.271 - Broken Access Control vulnerability

Subscriber Broken Access Control in Rank Math SEO = 1.0.271 versions...

6.5CVSS0.00271EPSS
Exploits0References1
CVE
CVEadded 4 days ago6 views

CVE-2026-34892

The CVE-2026-34892 entry describes a Broken Access Control vulnerability in the WordPress Rank Math SEO plugin (versions

6.5CVSS5.1AI score0.00271EPSS
Exploits0References1
CVE
CVEadded 4 days ago7 views

CVE-2026-34886

The CVE-2026-34886 entry affects WordPress WordPress Simple Membership plugin versions

7.5CVSS5.1AI score0.00251EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago24 views

CVE-2026-34886 WordPress Simple Membership plugin <= 4.7.1 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...

7.5CVSS0.00251EPSS
Exploits0References1
Cvelist
Cvelistadded 4 days ago22 views

CVE-2026-34891 WordPress IDPay Payment Gateway for Woocommerce plugin <= 2.2.5 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...

7.5CVSS0.00303EPSS
Exploits0References1
Rows per page
Query Builder