Lucene search
K

264442 matches found

Patchstack
Patchstack
added 2026/05/26 5:21 p.m.9 views

WordPress Genzel breadcrumbs plugin <= 1.2 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab - Pondok Teknologi in WordPress Plugin Genzel breadcrumbs versions = 1.2...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/26 5:20 p.m.8 views

WordPress Old Posts Highlighter plugin <= 1.0.3 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Old Posts Highlighter versions = 1.0.3...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/26 5:20 p.m.7 views

WordPress My Email Shortcode plugin <= 0.91 - [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')] vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability discovered by zakaria in WordPress Plugin My Email Shortcode versions = 0.91...

6.4CVSS5.8AI score0.00187EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/26 5:20 p.m.7 views

WordPress faq shortocde plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin faq shortocde versions = 1.0...

6.4CVSS5.8AI score0.00187EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/26 4:1 p.m.8 views

WordPress CM Ad Changer – A simple tool to control and optimize your site's banners plugin <= 2.0.7 - Cross-Site Request Forgery to Campaign Deletion vulnerability

Cross-Site Request Forgery to Campaign Deletion vulnerability discovered by jamaal in WordPress Plugin CM Ad Changer versions = 2.0.7...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/26 3:59 p.m.8 views

WordPress Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin <= 26.5 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Insecure Direct Object Reference to Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by NumeX in WordPress Plugin Yoast SEO versions = 26.5...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/26 3:52 p.m.8 views

WordPress Animation Addons for Elementor – GSAP Motion Elementor Addons & Website Templates plugin <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Animation Addons for Elementor versions = 2.6.3...

5.8AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/26 3:52 p.m.15 views

WordPress Animation Addons for Elementor – GSAP Motion Elementor Addons & Website Templates plugin <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Animation Addons for Elementor versions = 2.6.3...

5.8AI score
Exploits0References1Affected Software1
NVD
NVD
added 2026/05/26 2:16 p.m.15 views

CVE-2026-8174

Zohocorp Zoho Mail wordpress plugin is vulnerable to Cross-Site request forgery CSRF. This issue affects Zoho Mail wordpress plugin versions before 1.6.2...

5.7CVSS0.00371EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/26 1:53 p.m.7 views

WordPress Splide Carousel Block plugin <= 1.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by ZAST.AI - ZAST.AI in WordPress Plugin Splide Carousel Block versions = 1.7.1...

6.4CVSS5.8AI score0.00197EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/26 1:40 p.m.10 views

WordPress Geo Mashup plugin <= 1.13.19 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by she11f in WordPress Plugin Geo Mashup versions = 1.13.19...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/26 1:7 p.m.8 views

WordPress Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin <= 1.6.11.5 - Unauthenticated Denial of Service vulnerability

Unauthenticated Denial of Service vulnerability discovered by luckybuddy in WordPress Plugin Simply Schedule Appointments versions = 1.6.11.5...

5.3CVSS5.8AI score0.0035EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2026/05/26 12:50 p.m.71 views

Exploit for CVE-2026-5364

CVE-2026-5364 CVE-2026-5364 is a CVSS 8.1 High Unauthenticat...

8.1CVSS5.8AI score0.0106EPSS
Exploits1
Patchstack
Patchstack
added 2026/05/26 12:12 p.m.11 views

WordPress Style Kits for Elementor plugin <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Style Kits versions = 2.5.0...

6.4CVSS5.8AI score0.00156EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/26 11:4 a.m.7 views

CVE-2026-8174 Cross-site Request Forgery

Zohocorp Zoho Mail wordpress plugin is vulnerable to Cross-Site request forgery CSRF. This issue affects Zoho Mail wordpress plugin versions before 1.6.2...

5.7CVSS5.8AI score0.00371EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 11:4 a.m.25 views

CVE-2026-8174

The vulnerability is in the Zoho Mail WordPress plugin, affected versions before 1.6.2, and is a Cross-Site Request Forgery (CSRF) issue. The issue is confirmed in multiple sources (CVE entries) and affects the Zoho Mail plugin for WordPress. Root cause and exact vulnerable component are describe...

5.7CVSS5.8AI score0.00371EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 11:4 a.m.8 views

EUVD-2026-31811

Zohocorp Zoho Mail wordpress plugin is vulnerable to Cross-Site request forgery CSRF. This issue affects Zoho Mail wordpress plugin versions before 1.6.2...

5.7CVSS5.8AI score0.00371EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 11:4 a.m.10 views

CVE-2026-8174

Zohocorp Zoho Mail wordpress plugin is vulnerable to Cross-Site request forgery CSRF. This issue affects Zoho Mail wordpress plugin versions before 1.6.2...

5.7CVSS5.8AI score0.00371EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/05/26 8:46 a.m.7 views

WordPress Modula Image Gallery plugin <= 2.14.23 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Modula Image Gallery versions = 2.14.23...

6.5CVSS5.8AI score0.00236EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/05/26 8:24 a.m.41 views

CVE-2026-24590 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Broken Access Control vulnerability

Missing Authorization vulnerability in VideoWhisper.Com Paid Videochat Turnkey Site allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paid Videochat Turnkey Site: from n/a through 7.3.23...

5.3CVSS0.00246EPSS
Exploits0References1
Rows per page
Query Builder