263185 matches found
CVE-2026-48885
CVE-2026-48885 concerns a Cross-Site Scripting (XSS) vulnerability in the WordPress HollerBox plugin for versions ≤ 2.3.10.1. The issue is described as unauthenticated XSS. The PatchStack entry assigns a CVSS v3.1 base score of 7.1 (HIGH), with network attack vector, no privileges required, user ...
CVE-2026-48883
CVE-2026-48883 concerns the WordPress plugin WPC Product Bundles for WooCommerce (versions <= 8.5.3) with an Unauthenticated Broken Access Control vulnerability. The available references indicate unauthenticated access to restricted functionality, with CVSS 3.1 base score 7.5 (HIGH) and impact...
CVE-2026-48885 WordPress HollerBox plugin <= 2.3.10.1 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in HollerBox = 2.3.10.1 versions...
CVE-2026-48882 WordPress WP Time Slots Booking Form plugin <= 1.2.50 - SQL Injection vulnerability
Subscriber SQL Injection in WP Time Slots Booking Form = 1.2.50 versions...
EUVD-2026-36857
Subscriber SQL Injection in WP Time Slots Booking Form = 1.2.50 versions...
CVE-2026-48881 WordPress TrueBooker plugin <= 1.1.9 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in TrueBooker = 1.1.9 versions...
CVE-2026-48882 WordPress WP Time Slots Booking Form plugin <= 1.2.50 - SQL Injection vulnerability
Subscriber SQL Injection in WP Time Slots Booking Form = 1.2.50 versions...
CVE-2026-48881
Summary: CVE-2026-48881 affects the WordPress TrueBooker plugin (
CVE-2026-48882
CVE-2026-48882 is a SQL Injection vulnerability in WordPress Plugin WP Time Slots Booking Form (versions
CVE-2026-48880 WordPress WP Job Portal plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in WP Job Portal = 2.5.2 versions...
CVE-2026-48880
WP Job Portal (WordPress) plugin
EUVD-2026-36855
Subscriber Cross Site Scripting XSS in WP Job Portal = 2.5.2 versions...
CVE-2026-48878 WordPress Visual Link Preview plugin <= 2.4.1 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in Visual Link Preview = 2.4.1 versions...
CVE-2026-48876 WordPress Stop Spammers plugin <= 2026.3 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Stop Spammers = 2026.3 versions...
CVE-2026-48876
CVE-2026-48876 is an unauthenticated XSS in the WordPress Stop Spammers plugin (versions
CVE-2026-48878
The CVE-2026-48878 entry describes a Sensitive Data Exposure vulnerability in the WordPress Visual Link Preview plugin up to version 2.4.1. Affected software: WordPress Visual Link Preview plugin (versions
CVE-2026-48874
The CVE documents an SQL Injection in WordPress GamiPress plugin versions
CVE-2026-48874 WordPress GamiPress plugin <= 7.8.7 - SQL Injection vulnerability
Subscriber SQL Injection in GamiPress = 7.8.7 versions...
CVE-2026-48874 WordPress GamiPress plugin <= 7.8.7 - SQL Injection vulnerability
Subscriber SQL Injection in GamiPress = 7.8.7 versions...
CVE-2026-48873 WordPress Montonio for WooCommerce plugin <= 10.1.2 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Montonio for WooCommerce = 10.1.2 versions...