264442 matches found
CVE-2026-24590
The CVE-2026-24590 entry affects the WordPress plugin “Paid Videochat Turnkey Site” (versions up to and including 7.3.23). Root cause: Missing/incorrect authorization allows Broken Access Control. Impact, per the provided metrics, is low confidentiality impact and no integrity/availability impact...
CVE-2026-24590 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Broken Access Control vulnerability
Missing Authorization vulnerability in VideoWhisper.Com Paid Videochat Turnkey Site allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paid Videochat Turnkey Site: from n/a through 7.3.23...
WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by ChuongVN in WordPress Plugin Paid Videochat Turnkey Site versions = 7.3.23...
WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by ChuongVN in WordPress Plugin Paid Videochat Turnkey Site versions = 7.3.23...
CVE-2026-24638
CVE-2026-24638 concerns a missing authorization issue in the WordPress RepairBuddy plugin (
CVE-2026-24638 WordPress RepairBuddy plugin <= 4.1121 - Broken Access Control vulnerability
Missing Authorization vulnerability in Webful Creations RepairBuddy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RepairBuddy: from n/a through 4.1121...
CVE-2026-24638 WordPress RepairBuddy plugin <= 4.1121 - Broken Access Control vulnerability
Missing Authorization vulnerability in Webful Creations RepairBuddy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RepairBuddy: from n/a through 4.1121...
WordPress RepairBuddy plugin <= 4.1121 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin RepairBuddy versions = 4.1121...
CVE-2026-27427 WordPress Geo Mashup plugin <= 1.13.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS. This issue affects Geo Mashup: from n/a through 1.13.18...
CVE-2026-27427 WordPress Geo Mashup plugin <= 1.13.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS. This issue affects Geo Mashup: from n/a through 1.13.18...
CVE-2026-27427
The CVE-2026-27427 entry concerns the WordPress Geo Mashup plugin (versions up to 1.13.18) and describes a Stored XSS vulnerability caused by improper neutralization of input during web page generation. The affected component is the Geo Mashup plugin, with the root cause identified as improper in...
WordPress Geo Mashup plugin <= 1.13.18 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Geo Mashup versions = 1.13.18...
Exploit for CVE-2026-27384
CVE-2026-27384 CVE-2026-27384 — W3 Total Cache mfunc/eval...
WordPress Medeus theme <= 1.14 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Medeus versions = 1.14...
WordPress Top Dog theme <= 1.0.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Top Dog versions = 1.0.5...
WordPress Quirky theme <= 1.23 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Quirky versions = 1.23...
WordPress Putter theme <= 1.17 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Putter versions = 1.17...
WordPress Dom theme <= 1.24 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Dom versions = 1.24...
WordPress Gat theme <= 1.16 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Gat versions = 1.16...
WordPress Preservation theme <= 1.10 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Preservation versions = 1.10...