263280 matches found
Exploit for CVE-2026-7465
CVE-2026-7465 - Spectra Gutenberg Blocks Local Lab Local Dock...
WordPress Enable Media Replace plugin <= 4.1.8 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability
Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by tjoffe in WordPress Plugin Enable Media Replace versions = 4.1.8...
WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability
SQL Injection vulnerability discovered by dutafi in WordPress Plugin Directorist Booking versions = 3.0.3...
WordPress Affiliates Manager plugin <= 2.9.50 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by dodoh4t in WordPress Plugin Affiliates Manager versions = 2.9.50...
WordPress Conekta Payment Gateway plugin <= 6.0.0 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by dodoh4t in WordPress Plugin Conekta Payment Gateway versions = 6.0.0...
WordPress Advanced 301 and 302 Redirect plugin <= 1.6.9 - SQL Injection vulnerability
SQL Injection vulnerability discovered by dodoh4t in WordPress Plugin Advanced 301 and 302 Redirect versions = 1.6.9...
WordPress GetPaid plugin <= 2.8.49 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin GetPaid versions = 2.8.49...
WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by manop55555 in WordPress Plugin Hippoo Mobile App for WooCommerce versions = 1.9.5...
WordPress Listdom plugin <= 5.5.0 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by dodoh4t in WordPress Plugin Listdom versions = 5.5.0...
WordPress Faust.js plugin <= 1.8.7 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by ParkHyunWoo in WordPress Plugin Faust.js versions = 1.8.7...
WordPress WPC Product Options for WooCommerce plugin <= 3.2.1 - Arbitrary File Download vulnerability
Arbitrary File Download vulnerability discovered by Mitchell in WordPress Plugin WPC Product Options for WooCommerce versions = 3.2.1...
WordPress LoginPress Pro plugin <= 6.2.2 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by wackydawg in WordPress Plugin LoginPress Pro versions = 6.2.2...
WordPress Accordions plugin <= 2.3.23 - Authenticated (Custom+) Stored Cross-Site Scripting vulnerability
Authenticated Custom+ Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Accordion versions = 2.3.23...
WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by ParkHyunWoo in WordPress Plugin Hippoo Mobile App for WooCommerce versions = 1.9.4...
WordPress WooCommerce Anti-Fraud plugin <= 7.2.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Austin Ginder in WordPress Plugin WooCommerce Anti-Fraud versions = 7.2.6...
WordPress WooCommerce Dropshipping plugin <= 5.2.4 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WooCommerce Dropshipping versions = 5.2.4...
WordPress Knit Pay plugin <= 9.4.0.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Averon Averenkov in WordPress Plugin Knit Pay versions = 9.4.0.0...
WordPress WPZOOM Portfolio plugin <= 1.4.21 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Kent Apostol in WordPress Plugin WPZOOM Portfolio versions = 1.4.21...
WordPress Email Encoder Premium plugin < 0.3.12 - Unauthenticated Stored XSS vulnerability
Unauthenticated Stored XSS vulnerability discovered by Matthew Rollings in WordPress Plugin Email Encoder Premium versions 0.3.12...
WordPress Email Address Encoder plugin < 1.0.25 - Unauthenticated Stored XSS vulnerability
Unauthenticated Stored XSS vulnerability discovered by Matthew Rollings in WordPress Plugin Email Address Encoder versions 1.0.25...