264442 matches found
WordPress Genzel breadcrumbs plugin <= 1.2 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab - Pondok Teknologi in WordPress Plugin Genzel breadcrumbs versions = 1.2...
WordPress Old Posts Highlighter plugin <= 1.0.3 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Old Posts Highlighter versions = 1.0.3...
WordPress My Email Shortcode plugin <= 0.91 - [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')] vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability discovered by zakaria in WordPress Plugin My Email Shortcode versions = 0.91...
WordPress faq shortocde plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin faq shortocde versions = 1.0...
WordPress CM Ad Changer – A simple tool to control and optimize your site's banners plugin <= 2.0.7 - Cross-Site Request Forgery to Campaign Deletion vulnerability
Cross-Site Request Forgery to Campaign Deletion vulnerability discovered by jamaal in WordPress Plugin CM Ad Changer versions = 2.0.7...
WordPress Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin <= 26.5 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure vulnerability
Insecure Direct Object Reference to Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by NumeX in WordPress Plugin Yoast SEO versions = 26.5...
WordPress Animation Addons for Elementor – GSAP Motion Elementor Addons & Website Templates plugin <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Animation Addons for Elementor versions = 2.6.3...
WordPress Animation Addons for Elementor – GSAP Motion Elementor Addons & Website Templates plugin <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Animation Addons for Elementor versions = 2.6.3...
CVE-2026-8174
Zohocorp Zoho Mail wordpress plugin is vulnerable to Cross-Site request forgery CSRF. This issue affects Zoho Mail wordpress plugin versions before 1.6.2...
WordPress Splide Carousel Block plugin <= 1.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by ZAST.AI - ZAST.AI in WordPress Plugin Splide Carousel Block versions = 1.7.1...
WordPress Geo Mashup plugin <= 1.13.19 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by she11f in WordPress Plugin Geo Mashup versions = 1.13.19...
WordPress Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin <= 1.6.11.5 - Unauthenticated Denial of Service vulnerability
Unauthenticated Denial of Service vulnerability discovered by luckybuddy in WordPress Plugin Simply Schedule Appointments versions = 1.6.11.5...
Exploit for CVE-2026-5364
CVE-2026-5364 CVE-2026-5364 is a CVSS 8.1 High Unauthenticat...
WordPress Style Kits for Elementor plugin <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Style Kits versions = 2.5.0...
CVE-2026-8174 Cross-site Request Forgery
Zohocorp Zoho Mail wordpress plugin is vulnerable to Cross-Site request forgery CSRF. This issue affects Zoho Mail wordpress plugin versions before 1.6.2...
CVE-2026-8174
The vulnerability is in the Zoho Mail WordPress plugin, affected versions before 1.6.2, and is a Cross-Site Request Forgery (CSRF) issue. The issue is confirmed in multiple sources (CVE entries) and affects the Zoho Mail plugin for WordPress. Root cause and exact vulnerable component are describe...
EUVD-2026-31811
Zohocorp Zoho Mail wordpress plugin is vulnerable to Cross-Site request forgery CSRF. This issue affects Zoho Mail wordpress plugin versions before 1.6.2...
CVE-2026-8174
Zohocorp Zoho Mail wordpress plugin is vulnerable to Cross-Site request forgery CSRF. This issue affects Zoho Mail wordpress plugin versions before 1.6.2...
WordPress Modula Image Gallery plugin <= 2.14.23 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Modula Image Gallery versions = 2.14.23...
CVE-2026-24590 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Broken Access Control vulnerability
Missing Authorization vulnerability in VideoWhisper.Com Paid Videochat Turnkey Site allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paid Videochat Turnkey Site: from n/a through 7.3.23...