Lucene search
K
CvelistRecent

363495 matches found

Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•38 views

CVE-2026-57651 WordPress Ghost Kit plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Ghost Kit = 3.6.0 versions...

6.5CVSS0.0013EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•30 views

CVE-2026-57650 WordPress Magazine Blocks plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Magazine Blocks = 1.8.3 versions...

6.5CVSS0.0013EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•32 views

CVE-2026-57649 WordPress Shoppable Images Lite plugin <= 1.3 - Broken Access Control vulnerability

Subscriber Broken Access Control in Shoppable Images Lite = 1.3 versions...

4.3CVSS0.00213EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•32 views

CVE-2026-57648 WordPress Nelio Content plugin <= 4.3.4 - Broken Access Control vulnerability

Contributor Broken Access Control in Nelio Content = 4.3.4 versions...

4.3CVSS0.00152EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•32 views

CVE-2026-57647 WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin <= 1.6.1 - Local File Inclusion vulnerability

Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...

7.5CVSS0.00259EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•35 views

CVE-2026-57646 WordPress Majestic Support plugin <= 1.1.7 - Insecure Direct Object References (IDOR) vulnerability

Subscriber Insecure Direct Object References IDOR in Majestic Support = 1.1.7 versions...

5.4CVSS0.00181EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•29 views

CVE-2026-57645 WordPress Newsletters plugin <= 4.13 - Broken Access Control vulnerability

newsletterssubscribers Broken Access Control in Newsletters = 4.13 versions...

8.1CVSS0.00189EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•30 views

CVE-2026-57643 WordPress WP Post Author plugin <= 3.9.1 - SQL Injection vulnerability

Contributor SQL Injection in WP Post Author = 3.9.1 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•30 views

CVE-2026-57644 WordPress Restaurant Menu by MotoPress plugin <= 2.4.10 - SQL Injection vulnerability

Contributor SQL Injection in Restaurant Menu by MotoPress = 2.4.10 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57642 WordPress Gallery plugin <= 4.7.8 - SQL Injection vulnerability

Contributor SQL Injection in Gallery = 4.7.8 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57640 WordPress MasterStudy LMS plugin <= 3.7.30 - Broken Access Control vulnerability

Subscriber Broken Access Control in MasterStudy LMS = 3.7.30 versions...

4.3CVSS0.00243EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•32 views

CVE-2026-57641 WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Real Estate 7 = 3.5.9 versions...

6.5CVSS0.00127EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•32 views

CVE-2026-57638 WordPress Fluent Booking plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Fluent Booking = 2.1.0 versions...

6.5CVSS0.00161EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•34 views

CVE-2026-57637 WordPress Abandoned Cart Lite for WooCommerce plugin <= 6.8.0 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Abandoned Cart Lite for WooCommerce = 6.8.0 versions...

4.3CVSS0.00107EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•33 views

CVE-2026-57636 WordPress wpForo Forum plugin <= 3.0.9 - SQL Injection vulnerability

Contributor SQL Injection in wpForo Forum = 3.0.9 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•34 views

CVE-2026-57635 WordPress FunnelKit Payment Gateway for Stripe WooCommerce plugin <= 1.14.0.3 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in FunnelKit Payment Gateway for Stripe WooCommerce = 1.14.0.3 versions...

6.5CVSS0.00123EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57633 WordPress WCBoost &#8211; Products Compare plugin <= 1.1.0 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...

5.3CVSS0.0024EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57634 WordPress PPWP plugin <= 1.9.19 - Insecure Direct Object References (IDOR) vulnerability

Contributor Insecure Direct Object References IDOR in PPWP = 1.9.19 versions...

4.3CVSS0.00185EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57632 WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.19.0 - Broken Access Control vulnerability

Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend = 1.19.0 versions...

5.4CVSS0.00275EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•33 views

CVE-2026-57631 WordPress Popup box plugin <= 6.0.1 - SQL Injection vulnerability

Administrator SQL Injection in Popup box = 6.0.1 versions...

7.6CVSS0.00279EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•41 views

CVE-2026-57630 WordPress Blocksy Companion Pro plugin <= 2.1.46 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Blocksy Companion Pro = 2.1.46 versions...

5.3CVSS0.00228EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•30 views

CVE-2026-57629 WordPress StatCounter plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in StatCounter = 2.1.1 versions...

6.5CVSS0.00161EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•32 views

CVE-2026-57627 WordPress Kirki plugin <= 6.0.11 - Server Side Request Forgery (SSRF) vulnerability

Subscriber Server Side Request Forgery SSRF in Kirki = 6.0.11 versions...

4.9CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•34 views

CVE-2026-57628 WordPress WP All Import plugin <= 4.0.1 - SQL Injection vulnerability

Administrator SQL Injection in WP All Import = 4.0.1 versions...

7.6CVSS0.00279EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•32 views

CVE-2026-57622 WordPress WPCafe plugin <= 3.0.14 - Broken Access Control vulnerability

Subscriber Broken Access Control in WPCafe = 3.0.14 versions...

4.3CVSS0.00259EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•30 views

CVE-2026-57617 WordPress SeedProd Pro plugin < 6.19.5 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in SeedProd Pro 6.19.5 versions...

6.5CVSS0.00161EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57618 WordPress Neve PRO theme <= 3.1.2 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Neve PRO = 3.1.2 versions...

6.5CVSS0.00161EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57431 WordPress Featured Image plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability

Author Cross Site Scripting XSS in Featured Image = 2.1 versions...

6.5CVSS0.00161EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•30 views

CVE-2026-57430 WordPress SEOPress PRO plugin <= 9.1.1 - Broken Access Control vulnerability

Contributor Broken Access Control in SEOPress PRO = 9.1.1 versions...

4.3CVSS0.00185EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57325 WordPress NanoMag theme <= 1.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in NanoMag = 1.8 versions...

7.1CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•32 views

CVE-2026-57324 WordPress GIFT4U plugin <= 1.0.10 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in GIFT4U = 1.0.10 versions...

6.5CVSS0.00242EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57323 WordPress Flash & HTML5 Video plugin <= 2.11.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Flash & HTML5 Video = 2.11.0 versions...

5.8CVSS0.00228EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57322 WordPress weMail plugin <= 2.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in weMail = 2.1.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57319 WordPress FOX plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in FOX = 1.4.8 versions...

7.1CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:53 p.m.•31 views

CVE-2026-57321 WordPress H5P plugin <= 1.17.7 - Arbitrary File Deletion vulnerability

Contributor Arbitrary File Deletion in H5P = 1.17.7 versions...

7.1CVSS0.00294EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•32 views

CVE-2026-57318 WordPress Site Reviews plugin <= 8.0.11 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Site Reviews = 8.0.11 versions...

6.5CVSS0.00355EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•31 views

CVE-2026-57317 WordPress Simply Schedule Appointments plugin <= 1.6.12.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.12.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•30 views

CVE-2026-57316 WordPress GetGenie plugin <= 4.4.2 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in GetGenie = 4.4.2 versions...

6.5CVSS0.00355EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•30 views

CVE-2026-57315 WordPress Blocksy Companion Pro plugin <= 2.1.45 - Remote Code Execution (RCE) vulnerability

Contributor Remote Code Execution RCE in Blocksy Companion Pro = 2.1.45 versions...

8.5CVSS0.00351EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•31 views

CVE-2026-57313 WordPress SureCart plugin <= 4.2.2 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in SureCart = 4.2.2 versions...

6.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•32 views

CVE-2026-57314 WordPress SureCart plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in SureCart = 4.3.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•31 views

CVE-2026-57312 WordPress Everest Forms plugin <= 3.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Everest Forms = 3.4.8 versions...

7.1CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•35 views

CVE-2026-56070 WordPress Advance Product Search plugin <= 1.4.4 - SQL Injection vulnerability

Unauthenticated SQL Injection in Advance Product Search = 1.4.4 versions...

9.3CVSS0.00236EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•31 views

CVE-2026-56072 WordPress WoodMart theme <= 8.5.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WoodMart = 8.5.3 versions...

7.1CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•31 views

CVE-2026-56069 WordPress Toolset Forms plugin <= 2.6.24 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Toolset Forms = 2.6.24 versions...

7.5CVSS0.003EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•32 views

CVE-2026-56068 WordPress JetEngine plugin <= 3.8.10.2 - SQL Injection vulnerability

Unauthenticated SQL Injection in JetEngine = 3.8.10.2 versions...

9.3CVSS0.00236EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•30 views

CVE-2026-56066 WordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...

5.8CVSS0.00346EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•36 views

CVE-2026-56067 WordPress JetSmartFilters plugin <= 3.8.3 - SQL Injection vulnerability

Unauthenticated SQL Injection in JetSmartFilters = 3.8.3 versions...

9.3CVSS0.00236EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•32 views

CVE-2026-56063 WordPress MailChimp Block plugin <= 1.1.15 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in MailChimp Block = 1.1.15 versions...

8.3CVSS0.00178EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/26 2:52 p.m.•33 views

CVE-2026-56064 WordPress Tourfic plugin <= 2.22.5 - SQL Injection vulnerability

Subscriber SQL Injection in Tourfic = 2.22.5 versions...

8.5CVSS0.00278EPSS
Exploits0References1
Total number of security vulnerabilities363495