Lucene search
K

264253 matches found

CVE
CVE
added 2026/05/27 9:49 a.m.20 views

CVE-2026-42735

The CVE concerns the WordPress KiviCare plugin by Iqonic Design (affected: KiviCare kivicare-clinic-management-system, plugin version

8.2CVSS5.8AI score0.00255EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.29 views

CVE-2026-42727 WordPress Active Products Tables for WooCommerce plugin <= 1.0.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...

9.3CVSS0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.7 views

CVE-2026-42727 WordPress Active Products Tables for WooCommerce plugin <= 1.0.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...

9.3CVSS5.8AI score0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.11 views

CVE-2026-42729 WordPress PropertyHive plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Property Hive PropertyHive propertyhive allows DOM-Based XSS.This issue affects PropertyHive: from n/a through = 2.2.2...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.8 views

CVE-2026-42734 WordPress Geo Mashup plugin <= 1.13.19 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.34 views

CVE-2026-42731 WordPress miniorange otp verification plugin <= 5.4.9 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a through = 5.4.9...

9.8CVSS0.00321EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.31 views

CVE-2026-42726 WordPress AWP Classifieds plugin <= 4.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AWP Classifieds: from n/a through = 4.4.5...

6.5CVSS0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.29 views

CVE-2026-42734 WordPress Geo Mashup plugin <= 1.13.19 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.17 views

CVE-2026-42727

CVE-2026-42727 affects the WordPress plugin Profit-Products-Tables-for-WooCommerce (Active Products Tables for WooCommerce) ≤ 1.0.8. The root cause is improper neutralization of special elements used in SQL commands, enabling Blind SQL Injection. The impact is described as Blind SQL Injection; no...

9.3CVSS5.8AI score0.00283EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.20 views

CVE-2026-42734

The CVE-2026-42734 entry describes a Reflected Cross-Site Scripting (XSS) in the WordPress Geo Mashup plugin by Dylan Kuhn, affected up to Geo Mashup &lt;= 1.13.19. Root cause: improper neutralization of input during web page generation. Affected software: Geo Mashup plugin for WordPress (versions

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 9:49 a.m.11 views

EUVD-2026-32178

Missing Authorization vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AWP Classifieds: from n/a through = 4.4.5...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.16 views

CVE-2026-42726

CVE-2026-42726 describes a Missing Authorization / Broken Access Control in the WordPress plugin AWP Classifieds (versions

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.7 views

CVE-2026-42731 WordPress miniorange otp verification plugin <= 5.4.9 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a through = 5.4.9...

9.8CVSS5.8AI score0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.7 views

CVE-2026-42726 WordPress AWP Classifieds plugin <= 4.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AWP Classifieds: from n/a through = 4.4.5...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.18 views

CVE-2026-42729

CVE-2026-42729 documents a DOM-based Cross-Site Scripting (XSS) vulnerability in the WordPress PropertyHive plugin, specifically in versions &lt;= 2.2.2. The root cause is described as improper neutralization of input during web page generation. Affected product: PropertyHive (WordPress plugin); ...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.21 views

CVE-2026-42731

CVE-2026-42731 affects the WordPress plugin miniorange OTP verification (miniorange-otp-verification) up to and including version 5.4.9. Root cause: Incorrect Privilege Assignment leading to Privilege Escalation . Affected component: the plugin’s privilege handling; impact is described as high (c...

9.8CVSS5.8AI score0.00321EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/27 9:45 a.m.15 views

WordPress Advanced Custom Fields (ACF®) plugin <= 6.8.1 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin Advanced Custom Fields versions = 6.8.1...

5.8AI score
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:27 a.m.7 views

CVE-2026-3349

The MinhNhut Link Gateway plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' parameter on the redirect page in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

6.1CVSS6AI score0.00256EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:27 a.m.11 views

CVE-2026-3348

The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings Description, Title, and other fields in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

4.4CVSS6AI score0.00237EPSS
Exploits0References4
CVE
CVE
added 2026/05/27 9:27 a.m.20 views

CVE-2026-2288

CVE-2026-2288 affects the WordPress plugin myLinksDump (versions up to 1.6). The vulnerability is a Stored Cross-Site Scripting flaw triggered by the attack vector through the public-facing parameter 'link_title', caused by insufficient input sanitization and output escaping. Authentication requi...

4.8CVSS6AI score0.0023EPSS
Exploits0References5
Rows per page
Query Builder