CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

48 matches found

NVD•added 3 hours ago•5 views

CVE-2026-57661

Subscriber Broken Access Control in WPComplete = 2.9.5.5 versions...

5.4CVSS

Exploits0References1

CVE•added 4 hours ago•10 views

CVE-2026-57661

The CVE concerns the WordPress WPComplete plugin (affected:

5.4CVSS5.8AI score

Exploits0References1

EUVD•added 4 hours ago•3 views

EUVD-2026-39666

Subscriber Broken Access Control in WPComplete = 2.9.5.5 versions...

5.4CVSS5.8AI score

Exploits0References1

Patchstack•added 5 hours ago•3 views

WordPress WPComplete plugin <= 2.9.5.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Md. Minaruzzaman Shovon in WordPress Plugin WPComplete versions = 2.9.5.5...

5.4CVSS5.8AI score

Exploits0Affected Software1

RedhatCVE•added 2026/06/05 7:30 p.m.•6 views

CVE-2026-42750

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nexcess WPComplete wpcomplete allows Stored XSS.This issue affects WPComplete: from n/a through = 2.9.5.4...

6.5CVSS5.4AI score0.0013EPSS

Exploits0References1

Patchstack•added 2026/05/29 3:17 p.m.•11 views

WordPress WPComplete plugin <= 2.9.5.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin WPComplete versions = 2.9.5.4...

6.5CVSS5.8AI score0.0013EPSS

Exploits0Affected Software1

NVD•added 2026/05/27 11:16 a.m.•16 views

CVE-2026-42750

6.5CVSS0.0013EPSS

Exploits0References1

CVE•added 2026/05/27 9:49 a.m.•15 views

CVE-2026-42750

CVE-2026-42750 concerns the WordPress plugin WPComplete by Nexcess. The vulnerability is a stored XSS caused by improper neutralization of input during web page generation, affecting WPComplete versions up to and including 2.9.5.4. Public references consistently describe the issue as a Stored XSS...

6.5CVSS5.8AI score0.0013EPSS

Exploits0References1

Cvelist•added 2026/05/27 9:49 a.m.•31 views

CVE-2026-42750 WordPress WPComplete plugin <= 2.9.5.4 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.0013EPSS

Exploits0References1

EUVD•added 2026/05/27 9:49 a.m.•11 views

EUVD-2026-32199

6.5CVSS5.8AI score0.0013EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 9:49 a.m.•6 views

CVE-2026-42750

6.5CVSS5.8AI score0.0013EPSS

Exploits0References2

CNNVD•added 2026/05/27 12:0 a.m.•12 views

WordPress plugin WPComplete 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.0013EPSS

Exploits0References1

Positive Technologies•added 2026/05/27 12:0 a.m.•10 views

PT-2026-43659

6.5CVSS5.8AI score0.0013EPSS

Exploits0References2

Patchstack•added 2025/10/24 4:28 p.m.•3 views

WordPress WPComplete plugin <= 2.9.5.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin WPComplete versions = 2.9.5.3...

5.3CVSS7AI score0.00313EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/10/23 3:14 p.m.•2 views

CVE-2025-49906

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

5.3CVSS7AI score0.00313EPSS

Exploits0References1

EUVD•added 2025/10/22 3:31 p.m.•3 views

EUVD-2025-35548

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

5.3CVSS6.5AI score0.00313EPSS

Exploits0References2

NVD•added 2025/10/22 3:15 p.m.•2 views

CVE-2025-49906

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

5.3CVSS0.00313EPSS

Exploits0References1

CVE•added 2025/10/22 2:32 p.m.•5 views

CVE-2025-49906

CVE-2025-49906 affects StellarWP WPComplete (wpcomplete) up to version 2.9.5.3. The vulnerability is due to Missing Authorization, allowing access to functionality not constrained by ACLs. Exploitation details are not provided in the documents, but multiple sources confirm the issue and recommend...

5.3CVSS6.6AI score0.00313EPSS

Exploits0References1

Vulnrichment•added 2025/10/22 2:32 p.m.•1 views

CVE-2025-49906 WordPress WPComplete plugin <= 2.9.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

5.3CVSS6.6AI score0.00313EPSS

Exploits0References1

Cvelist•added 2025/10/22 2:32 p.m.•8 views

CVE-2025-49906 WordPress WPComplete plugin <= 2.9.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

5.3CVSS0.00313EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by