CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

263506 matches found

Patchstack•added 2026/06/05 2:37 p.m.•9 views

WordPress MapPress Maps for WordPress plugin <= 2.96.6 - Unauthenticated Insecure Direct Object Reference vulnerability

Unauthenticated Insecure Direct Object Reference vulnerability discovered by Kitch - KitchGlobal in WordPress Plugin MapPress Maps for WordPress versions = 2.96.6...

5.3CVSS5.4AI score0.00813EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 2:31 p.m.•6 views

WordPress SEO Plugin by Squirrly SEO plugin <= 12.4.16 - Missing Authorization to Authenticated (Contributor+) Privileged Cloud API Operations vulnerability

Missing Authorization to Authenticated Contributor+ Privileged Cloud API Operations vulnerability discovered by Abi Wiranata in WordPress Plugin SEO Plugin by Squirrly SEO versions = 12.4.16...

4.3CVSS5.5AI score0.00296EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 2:28 p.m.•7 views

WordPress Klamra Paycal for Aspaclaria plugin <= 1.1.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability

Insecure Direct Object Reference to Authenticated Subscriber+ Sensitive Information Exposure vulnerability discovered by KEVIN LEE crattack - OPCIA in WordPress Plugin Klamra Paycal for Aspaclaria versions = 1.1.4...

4.3CVSS5.5AI score0.00234EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 2:27 p.m.•6 views

WordPress Smart Slider 3 plugin <= 3.5.1.36 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read vulnerability

Authenticated Administrator+ Path Traversal to Arbitrary File Read vulnerability discovered by Nguyen Khanh Hao in WordPress Plugin Smart Slider 3 versions = 3.5.1.36...

4.9CVSS5.5AI score0.00558EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 2:25 p.m.•9 views

WordPress Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin <= 6.6.4 - Missing Authorization to Unauthenticated Information Exposure vulnerability

Missing Authorization to Unauthenticated Information Exposure vulnerability discovered by Anirudh Makkar in WordPress Plugin Essential Addons for Elementor versions = 6.6.4...

5.3CVSS5.5AI score0.0515EPSS

Exploits1References1Affected Software1

Patchstack•added 2026/06/05 2:23 p.m.•6 views

WordPress LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin <= 4.3.6 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by Jamshed Yergashvoyev CVE Guy - Turan Security in WordPress Plugin LearnPress versions = 4.3.6...

5.3CVSS5.4AI score0.00353EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 2:22 p.m.•6 views

WordPress Quick Playground plugin <= 1.3.4 - Authenticated (Administrator+) Arbitrary File Read vulnerability

Authenticated Administrator+ Arbitrary File Read vulnerability discovered by Pablo Santiago in WordPress Plugin Quick Playground versions = 1.3.4...

4.4CVSS5.4AI score0.00315EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 2:20 p.m.•6 views

WordPress MDJM Event Management plugin <= 1.7.8.3 - Authenticated (Administrator+) Arbitrary File Upload vulnerability

Authenticated Administrator+ Arbitrary File Upload vulnerability discovered by Ryan Kozak in WordPress Plugin Mobile DJ Manager versions = 1.7.8.3...

7.2CVSS5.4AI score0.00659EPSS

Exploits1References1Affected Software1

Patchstack•added 2026/06/05 2:19 p.m.•6 views

WordPress LearnPress – Backup & Migration Tool plugin <= 4.1.4 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read vulnerability

Authenticated Administrator+ Path Traversal to Arbitrary File Read vulnerability discovered by Wannes Verwimp in WordPress Plugin LearnPress Export Import versions = 4.1.4...

4.9CVSS5.5AI score0.00646EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 2:17 p.m.•8 views

WordPress EmbedPress – PDF Embedder, Embed PDF viewer, YouTube Videos, 3D FlipBook, Social feeds & more plugin <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by UKO - Korea univ. in WordPress Plugin EmbedPress versions = 4.5.3...

6.4CVSS5.4AI score0.00234EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 2:16 p.m.•6 views

WordPress Drag and Drop Multiple File Upload for Contact Form 7 plugin <= 1.3.9.7 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Bao Luu Gia Nguyen in WordPress Plugin Drag and Drop Multiple File Upload – Contact Form 7 versions = 1.3.9.7...

4.4CVSS5.5AI score0.00214EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 2:1 p.m.•9 views

WordPress WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin <= 1.10.0.4 - Unauthenticated Insufficient Verification of Data Authenticity vulnerability

Unauthenticated Insufficient Verification of Data Authenticity vulnerability discovered by Valatty in WordPress Plugin Contact Form by WPForms versions = 1.10.0.4...

5.3CVSS5.4AI score0.00202EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 1:57 p.m.•8 views

WordPress OptinCraft – Drag & Drop Optins & Popup Builder for WordPress plugin <= 1.2.0 - Authenticated (Administrator+) SQL Injection vulnerability

Authenticated Administrator+ SQL Injection vulnerability discovered by Yousef Alraddadi - none in WordPress Plugin OptinCraft – Drag & Drop Optins & Popup Builder for WordPress versions = 1.2.0...

4.9CVSS5.7AI score0.00259EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 1:37 p.m.•6 views

WordPress Click to Chat – HoliThemes plugin <= 4.39 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Valatty in WordPress Plugin Click to Chat versions = 4.39...

6.4CVSS5.4AI score0.00288EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 1:35 p.m.•7 views

WordPress LearnPress – Backup & Migration Tool plugin <= 4.1.4 - Authenticated (Administrator+) PHP Object Injection vulnerability

Authenticated Administrator+ PHP Object Injection vulnerability discovered by Wannes Verwimp in WordPress Plugin LearnPress Export Import versions = 4.1.4...

6.6CVSS5.5AI score0.0045EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 12:41 p.m.•6 views

WordPress Page-list plugin <= 6.2 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure vulnerability

Missing Authorization to Authenticated Contributor+ Sensitive Information Disclosure vulnerability discovered by darkmode in WordPress Plugin Page-list versions = 6.2...

4.3CVSS5.5AI score0.00224EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 12:4 p.m.•8 views

WordPress Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits plugin <= 3.1.0 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Master Addons for Elementor versions = 3.1.0...

6.4CVSS5.4AI score0.00214EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 11:5 a.m.•7 views

WordPress LatePoint – Calendar Booking Plugin for Appointments and Events plugin <= 5.6.0 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Kirasec in WordPress Plugin LatePoint versions = 5.6.0...

4.3CVSS5.5AI score0.00135EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 10:52 a.m.•5 views

WordPress Simple SEO Slideshow plugin <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin Simple SEO Slideshow versions = 1.2.8...

6.4CVSS5.4AI score0.00192EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/06/05 10:46 a.m.•8 views

WordPress RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin <= 5.1.7 - Missing Authorization to Authenticated (Contributor+) Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure vulnerability

Missing Authorization to Authenticated Contributor+ Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin Feedzy versions = 5.1.7...

4.3CVSS5.5AI score0.0029EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by