Lucene search
K

264275 matches found

Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.7 views

CVE-2026-42728 WordPress HT Contact Form 7 plugin <= 2.8.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Contact Form 7 ht-contactform allows Stored XSS.This issue affects HT Contact Form 7: from n/a through = 2.8.2...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.20 views

CVE-2026-42735

The CVE concerns the WordPress KiviCare plugin by Iqonic Design (affected: KiviCare kivicare-clinic-management-system, plugin version

8.2CVSS5.8AI score0.00255EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.16 views

CVE-2026-42732

CVE-2026-42732 affects the WordPress plugin Ads by WPQuads (quick-adsense-reloaded) up to version 3.0.2. The issue is described as Improper Validation of Specified Quantity in Input, allowing Input Data Manipulation. The CVE notes a Medium severity (CVSS 3.1: 6.5) with network attack vector, no u...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.29 views

CVE-2026-42727 WordPress Active Products Tables for WooCommerce plugin <= 1.0.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...

9.3CVSS0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.7 views

CVE-2026-42727 WordPress Active Products Tables for WooCommerce plugin <= 1.0.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...

9.3CVSS5.8AI score0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.11 views

CVE-2026-42729 WordPress PropertyHive plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Property Hive PropertyHive propertyhive allows DOM-Based XSS.This issue affects PropertyHive: from n/a through = 2.2.2...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.8 views

CVE-2026-42734 WordPress Geo Mashup plugin <= 1.13.19 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.34 views

CVE-2026-42731 WordPress miniorange otp verification plugin <= 5.4.9 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a through = 5.4.9...

9.8CVSS0.00321EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.31 views

CVE-2026-42726 WordPress AWP Classifieds plugin <= 4.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AWP Classifieds: from n/a through = 4.4.5...

6.5CVSS0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.29 views

CVE-2026-42734 WordPress Geo Mashup plugin <= 1.13.19 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.17 views

CVE-2026-42727

CVE-2026-42727 affects the WordPress plugin Profit-Products-Tables-for-WooCommerce (Active Products Tables for WooCommerce) ≤ 1.0.8. The root cause is improper neutralization of special elements used in SQL commands, enabling Blind SQL Injection. The impact is described as Blind SQL Injection; no...

9.3CVSS5.8AI score0.00283EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.20 views

CVE-2026-42734

The CVE-2026-42734 entry describes a Reflected Cross-Site Scripting (XSS) in the WordPress Geo Mashup plugin by Dylan Kuhn, affected up to Geo Mashup &lt;= 1.13.19. Root cause: improper neutralization of input during web page generation. Affected software: Geo Mashup plugin for WordPress (versions

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 9:49 a.m.11 views

EUVD-2026-32178

Missing Authorization vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AWP Classifieds: from n/a through = 4.4.5...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.16 views

CVE-2026-42726

CVE-2026-42726 describes a Missing Authorization / Broken Access Control in the WordPress plugin AWP Classifieds (versions

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.7 views

CVE-2026-42731 WordPress miniorange otp verification plugin <= 5.4.9 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a through = 5.4.9...

9.8CVSS5.8AI score0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.7 views

CVE-2026-42726 WordPress AWP Classifieds plugin <= 4.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AWP Classifieds: from n/a through = 4.4.5...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.18 views

CVE-2026-42729

CVE-2026-42729 documents a DOM-based Cross-Site Scripting (XSS) vulnerability in the WordPress PropertyHive plugin, specifically in versions &lt;= 2.2.2. The root cause is described as improper neutralization of input during web page generation. Affected product: PropertyHive (WordPress plugin); ...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.21 views

CVE-2026-42731

CVE-2026-42731 affects the WordPress plugin miniorange OTP verification (miniorange-otp-verification) up to and including version 5.4.9. Root cause: Incorrect Privilege Assignment leading to Privilege Escalation . Affected component: the plugin’s privilege handling; impact is described as high (c...

9.8CVSS5.8AI score0.00321EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/27 9:45 a.m.15 views

WordPress Advanced Custom Fields (ACF®) plugin <= 6.8.1 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin Advanced Custom Fields versions = 6.8.1...

5.8AI score
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:27 a.m.7 views

CVE-2026-3349

The MinhNhut Link Gateway plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' parameter on the redirect page in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

6.1CVSS6AI score0.00256EPSS
Exploits0References4
Rows per page
Query Builder