Lucene search
K
CvelistRecent

364882 matches found

Cvelist
Cvelist
added 2026/06/17 9:50 a.m.35 views

CVE-2026-39597 WordPress WPZOOM Addons for Elementor plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WPZOOM Addons for Elementor = 1.3.4 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2026-39596 WordPress Blocksy Companion Pro plugin < 2.1.29 - SQL Injection vulnerability

Unauthenticated SQL Injection in Blocksy Companion Pro 2.1.29 versions...

9.3CVSS0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.31 views

CVE-2026-39595 WordPress W3 Total Cache plugin <= 2.9.1 - Broken Access Control vulnerability

Author Broken Access Control in W3 Total Cache = 2.9.1 versions...

4.7CVSS0.0021EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.29 views

CVE-2026-39589 WordPress Webenvo theme <= 0.0.6 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in Webenvo = 0.0.6 versions...

9.9CVSS0.00434EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.31 views

CVE-2026-39573 WordPress Mildhill theme <= 1.5 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Mildhill = 1.5 versions...

8.1CVSS0.00395EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.25 views

CVE-2026-39582 WordPress Hitek theme < 1.8.3 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Hitek 1.8.3 versions...

8.1CVSS0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2026-39558 WordPress Malmö theme <= 2.2 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Malmö = 2.2 versions...

8.1CVSS0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2026-39546 WordPress MultiLoca plugin <= 4.2.15 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in MultiLoca = 4.2.15 versions...

7.6CVSS0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2026-39545 WordPress Zermatt theme <= 1.6.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Zermatt = 1.6.1 versions...

8.1CVSS0.00395EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.31 views

CVE-2026-39537 WordPress Mikado Core plugin <= 1.6 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Mikado Core = 1.6 versions...

8.1CVSS0.00423EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2026-34888 WordPress Bricksforge plugin <= 3.1.8.4 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Bricksforge = 3.1.8.4 versions...

7.5CVSS0.00303EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.29 views

CVE-2026-27410 WordPress Slimstat Analytics plugin < 5.4.0 - Deserialization of untrusted data vulnerability

Unauthenticated Deserialization of untrusted data in Slimstat Analytics 5.4.0 versions...

6.5CVSS0.00252EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2026-27400 WordPress BookPro plugin <= 1.1.0 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in BookPro = 1.1.0 versions...

8.6CVSS0.0054EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2026-27041 WordPress Unlimited Elements for Elementor (Premium) plugin <= 2.0.6 - Arbitrary File Upload vulnerability

Contributor Arbitrary File Upload in Unlimited Elements for Elementor Premium = 2.0.6 versions...

9.9CVSS0.00319EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.29 views

CVE-2026-25446 WordPress WishList Member X plugin <= 3.29.0 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in WishList Member X = 3.29.0 versions...

9.9CVSS0.00434EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.33 views

CVE-2026-24611 WordPress MetForm Pro plugin <= 3.9.1 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in MetForm Pro = 3.9.1 versions...

9.1CVSS0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2026-25439 WordPress Booknetic plugin <= 4.8.5 - Account Takeover vulnerability

Unauthenticated Broken Authentication in Booknetic = 4.8.5 versions...

8.1CVSS0.00322EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2026-24610 WordPress MetForm Pro plugin <= 3.9.1 - Broken Access Control vulnerability

Subscriber Broken Access Control in MetForm Pro = 3.9.1 versions...

4.3CVSS0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.29 views

CVE-2026-24575 WordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerability

Subscriber Broken Access Control in WishList Member X = 3.29.0 versions...

4.3CVSS0.00259EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2026-22343 WordPress WordPress Dating Theme theme <= 11.2.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in WordPress Dating Theme = 11.2.0 versions...

8.6CVSS0.00261EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2026-22342 WordPress WordPress Dating Theme theme <= 11.2.0 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability

Unauthenticated Cross Site Request Forgery CSRF in WordPress Dating Theme = 11.2.0 versions...

8.8CVSS0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.31 views

CVE-2026-22340 WordPress WPJobster theme <= 6.3.5 - SQL Injection vulnerability

Unauthenticated SQL Injection in WPJobster = 6.3.5 versions...

9.3CVSS0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.31 views

CVE-2026-22339 WordPress WPJobster theme <= 6.3.5 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WPJobster = 6.3.5 versions...

7.1CVSS0.0023EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2026-22338 WordPress EcoBlue theme <= 1.15 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in EcoBlue = 1.15 versions...

8.1CVSS0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.29 views

CVE-2026-22334 WordPress Woocommerce Book Price plugin <= 1.3 - Arbitrary File Download vulnerability

Subscriber Arbitrary File Download in Woocommerce Book Price = 1.3 versions...

7.5CVSS0.00467EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2026-22335 WordPress WooCommerce Frontend Manager – Ultimate plugin < 6.7.7 - SQL Injection vulnerability

Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate 6.7.7 versions...

8.5CVSS0.00347EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.33 views

CVE-2026-22332 WordPress Tutor LMS Pro plugin <= 3.9.6 - SQL Injection vulnerability

Unauthenticated SQL Injection in Tutor LMS Pro = 3.9.6 versions...

9.3CVSS0.00283EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.27 views

CVE-2026-22331 WordPress AutoParts theme <= 1.5.8 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in AutoParts = 1.5.8 versions...

8.1CVSS0.00363EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.32 views

CVE-2026-22330 WordPress Right Way theme <= 4.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Right Way = 4.0 versions...

8.1CVSS0.00363EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2026-22329 WordPress Skillate theme <= 1.2.10 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Skillate = 1.2.10 versions...

7.1CVSS0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.29 views

CVE-2026-22328 WordPress Auto Repair theme <= 22.6 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Auto Repair = 22.6 versions...

7.1CVSS0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.32 views

CVE-2026-22327 WordPress Restaurt theme <= 1.0.4 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in Restaurt = 1.0.4 versions...

9.9CVSS0.00465EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.29 views

CVE-2026-22326 WordPress Reprizo theme <= 1.0.8 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Reprizo = 1.0.8 versions...

8.1CVSS0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2026-22325 WordPress Promo theme <= 1.3.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Promo = 1.3.0 versions...

8.1CVSS0.00363EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2026-9690 WordPress WP Media folder Addon plugin <= 4.0.1 - Arbitrary File Download vulnerability

Unauthenticated Arbitrary File Download in WP Media folder Addon = 4.0.1 versions...

7.5CVSS0.00467EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.33 views

CVE-2025-69179 WordPress Support Ticket Management System plugin <= 1.9 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in Support Ticket Management System = 1.9 versions...

9.8CVSS0.0045EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.29 views

CVE-2025-69173 WordPress Tipsy theme <= 1.1 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Tipsy = 1.1 versions...

8.1CVSS0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.25 views

CVE-2025-69172 WordPress Resurs theme <= 1.3 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Resurs = 1.3 versions...

8.1CVSS0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2025-69171 WordPress Orpheus theme <= 1.3 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Orpheus = 1.3 versions...

8.1CVSS0.00348EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.27 views

CVE-2025-69161 WordPress Snowy theme <= 1.13 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Snowy = 1.13 versions...

8.1CVSS0.00348EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.31 views

CVE-2025-69148 WordPress Quirky theme <= 1.23 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Quirky = 1.23 versions...

8.1CVSS0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2025-69145 WordPress Gat theme <= 1.16 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Gat = 1.16 versions...

8.1CVSS0.00348EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2025-69138 WordPress Genemy theme <= 1.6.6 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in Genemy = 1.6.6 versions...

8.8CVSS0.00389EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2025-69135 WordPress Events Schedule - WordPress Events Calendar Plugin plugin <= 2.7.2 - SQL Injection vulnerability

Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin = 2.7.2 versions...

8.5CVSS0.00342EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.39 views

CVE-2025-69129 WordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site plugin <= 1.0.7 - Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

10CVSS0.00432EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.26 views

CVE-2025-69117 WordPress Ingenioso theme <= 1.14.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Ingenioso = 1.14.0 versions...

8.1CVSS0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.27 views

CVE-2025-69110 WordPress AirSupply theme <= 2.0.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in AirSupply = 2.0.0 versions...

8.1CVSS0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.29 views

CVE-2025-60223 WordPress WPBot Pro Wordpress Chatbot plugin <= 13.6.5 - Arbitrary File Deletion vulnerability

Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot = 13.6.5 versions...

7.7CVSS0.0045EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.28 views

CVE-2025-60218 WordPress PT Luxa Addons Plugin <= 1.2.2 - Arbitrary File Upload Vulnerability

Subscriber Arbitrary File Upload in PT Luxa Addons = 1.2.2 versions...

9.9CVSS0.00447EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.31 views

CVE-2025-60205 WordPress ThemeREX Addons plugin <= 2.36.1.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in ThemeREX Addons = 2.36.1.1 versions...

9.8CVSS0.00525EPSS
Exploits0References1
Total number of security vulnerabilities364882