CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

263188 matches found

Cvelist•added 4 days ago•23 views

CVE-2026-45439 WordPress Realtyna Organic IDX plugin plugin <= 5.1.0 - SQL Injection vulnerability

Unauthenticated SQL Injection in Realtyna Organic IDX plugin = 5.1.0 versions...

9.3CVSS0.00291EPSS

Exploits0References1

Cvelist•added 4 days ago•24 views

CVE-2026-45441 WordPress WpEvently plugin <= 5.3.3 - Other Vulnerability Type vulnerability

Unauthenticated Other Vulnerability Type in WpEvently = 5.3.3 versions...

7.5CVSS0.00259EPSS

Exploits0References1

EUVD•added 4 days ago•3 views

EUVD-2026-36842

Unauthenticated Other Vulnerability Type in WpEvently = 5.3.3 versions...

7.5CVSS5.2AI score0.00259EPSS

Exploits0References1

CVE•added 4 days ago•12 views

CVE-2026-45441

CVE-2026-45441 affects the WordPress WpEvently plugin up to version 5.3.3. It is described as unauthenticated, of the “Other Vulnerability Type”, with CVSSv3.1 base score 7.5 (NETWORK, LOW attack complexity, PR/NONE, I/H, UI/NONE). The provided documents do not specify the exact root cause, vulne...

7.5CVSS5.2AI score0.00259EPSS

Exploits0References1

CVE•added 4 days ago•13 views

CVE-2026-45439

CVE-2026-45439 is a reported unauthenticated SQL injection in the WordPress plugin “ Realtyna Organic IDX” (plugin version

9.3CVSS5.7AI score0.00291EPSS

Exploits0References1

CVE•added 4 days ago•8 views

CVE-2026-45437

The CVE-2026-45437 entry concerns the WordPress Product Filter Widget for Elementor plugin (versions

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

Cvelist•added 4 days ago•27 views

CVE-2026-45437 WordPress Product Filter Widget for Elementor plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Product Filter Widget for Elementor = 1.0.6 versions...

7.1CVSS0.00175EPSS

Exploits0References1

Vulnrichment•added 4 days ago•4 views

CVE-2026-45437 WordPress Product Filter Widget for Elementor plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Product Filter Widget for Elementor = 1.0.6 versions...

7.1CVSS5.2AI score0.00175EPSS

Exploits0References1

Cvelist•added 4 days ago•26 views

CVE-2026-42775 WordPress AutomatorWP plugin <= 5.7.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in AutomatorWP = 5.7.2 versions...

7.1CVSS0.00175EPSS

Exploits0References1

Vulnrichment•added 4 days ago•3 views

CVE-2026-42752 WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS5.2AI score0.00222EPSS

Exploits0References1

Cvelist•added 4 days ago•23 views

CVE-2026-42752 WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS0.00222EPSS

Exploits0References1

CVE•added 4 days ago•10 views

CVE-2026-42752

The CVE-2026-42752 entry concerns the WordPress Stripe Payments plugin (versions up to 2.0.98). It describes an unauthenticated bypass vulnerability in Stripe Payments

6.5CVSS5.2AI score0.00222EPSS

Exploits0References1

CVE•added 4 days ago•10 views

CVE-2026-42775

The CVE-2026-42775 issue affects the WordPress plugin AutomatorWP (versions ≤ 5.7.2). It is an unauthenticated Cross Site Scripting (XSS) vulnerability in AutomatorWP ≤ 5.7.2. The provided data lists a CVSS v3.1 base score of 7.1 (High) with network attack vector, no privileges required, and user...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

Vulnrichment•added 4 days ago•6 views

CVE-2026-42775 WordPress AutomatorWP plugin <= 5.7.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in AutomatorWP = 5.7.2 versions...

7.1CVSS5.1AI score0.00175EPSS

Exploits0References1

CVE•added 4 days ago•11 views

CVE-2026-42743

The CVE concerns WordPress Masteriyo LMS plugin versions ≤ 2.1.8 with an Unauthenticated Broken Authentication vulnerability. Impact is described as low confidentiality and integrity (CVSS v3.1: 6.5, MEDIUM). The issue is in Masteriyo-LMS prior to or at 2.1.8, enabling access without authenticati...

6.5CVSS5.2AI score0.00144EPSS

Exploits0References1

Vulnrichment•added 4 days ago•4 views

CVE-2026-42743 WordPress Masteriyo - LMS plugin <= 2.1.8 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in Masteriyo - LMS = 2.1.8 versions...

6.5CVSS5.2AI score0.00144EPSS

Exploits0References1

Cvelist•added 4 days ago•23 views

CVE-2026-42743 WordPress Masteriyo - LMS plugin <= 2.1.8 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in Masteriyo - LMS = 2.1.8 versions...

6.5CVSS0.00144EPSS

Exploits0References1

Vulnrichment•added 4 days ago•5 views

CVE-2026-42688 WordPress Modula Image Gallery plugin <= 2.14.23 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in Modula Image Gallery = 2.14.23 versions...

6.5CVSS5.1AI score0.00236EPSS

Exploits0References1

CVE•added 4 days ago•11 views

CVE-2026-42688

The CVE details a Cross Site Scripting (XSS) vulnerability in WordPress Modula Image Gallery plugin, affected

6.5CVSS5.1AI score0.00236EPSS

Exploits0References1

Cvelist•added 4 days ago•24 views

CVE-2026-42688 WordPress Modula Image Gallery plugin <= 2.14.23 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in Modula Image Gallery = 2.14.23 versions...

6.5CVSS0.00236EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by