363495 matches found
CVE-2026-56062 WordPress Quotes llama plugin <= 3.1.5 - SQL Injection vulnerability
Unauthenticated SQL Injection in Quotes llama = 3.1.5 versions...
CVE-2026-56060 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 7.1.1 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...
CVE-2026-56061 WordPress Subscriptions for WooCommerce plugin <= 1.9.5 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Subscriptions for WooCommerce = 1.9.5 versions...
CVE-2026-56059 WordPress Travel Booking theme <= 2.2.5 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...
CVE-2026-56058 WordPress Quform plugin <= 2.23.0 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...
CVE-2026-56057 WordPress Uncanny Automator Pro plugin <= 7.3.0.6 - PHP Object Injection vulnerability
Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...
CVE-2026-56055 WordPress RealHomes theme <= 4.5.3 - PHP Object Injection vulnerability
Subscriber PHP Object Injection in RealHomes = 4.5.3 versions...
CVE-2026-56048 WordPress Payment Gateway Based Fees and Discounts for WooCommerce plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability
Unauthenticated Insecure Direct Object References IDOR in Payment Gateway Based Fees and Discounts for WooCommerce = 3.0.0 versions...
CVE-2026-56047 WordPress perfmatters plugin <= 2.6.3 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in perfmatters = 2.6.3 versions...
CVE-2026-56046 WordPress ListingPro theme <= 2.9.11 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in ListingPro = 2.9.11 versions...
CVE-2026-56045 WordPress Automatic plugin < 3.135.1 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Automatic 3.135.1 versions...
CVE-2026-56044 WordPress Blog2Social plugin <= 8.9.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Blog2Social = 8.9.2 versions...
CVE-2026-56043 WordPress Customer Reviews for WooCommerce plugin <= 5.110.1 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Customer Reviews for WooCommerce = 5.110.1 versions...
CVE-2026-56040 WordPress Gutenverse Form plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Gutenverse Form = 2.4.7 versions...
CVE-2026-56041 WordPress Responsive Lightbox plugin <= 2.7.6 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Responsive Lightbox = 2.7.6 versions...
CVE-2026-56039 WordPress Quick Interest Slider plugin <= 3.1.6 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Quick Interest Slider = 3.1.6 versions...
CVE-2026-56036 WordPress 워드프레스 결제 심플페이 plugin <= 5.5.6 - SQL Injection vulnerability
Unauthenticated SQL Injection in 워드프레스 결제 심플페이 = 5.5.6 versions...
CVE-2026-56038 WordPress Frisbii Pay plugin <= 1.8.2 - Privilege Escalation vulnerability
Contributor Privilege Escalation in Frisbii Pay = 1.8.2 versions...
CVE-2026-56035 WordPress BitFire Security plugin <= 5.0.3 - Multiple Vulnerabilities vulnerability
Unauthenticated Multiple Vulnerabilities in BitFire Security = 5.0.3 versions...
CVE-2026-56034 WordPress Library Management System plugin <= 3.5.7 - SQL Injection vulnerability
Unauthenticated SQL Injection in Library Management System = 3.5.7 versions...
CVE-2026-56033 WordPress Dokan Pro plugin <= 5.0.4 - Privilege Escalation vulnerability
Unauthenticated Privilege Escalation in Dokan Pro = 5.0.4 versions...
CVE-2026-56032 WordPress Buddyboss Platform plugin <= 3.0.4 - PHP Object Injection vulnerability
Subscriber PHP Object Injection in Buddyboss Platform = 3.0.4 versions...
CVE-2026-56031 WordPress Uncanny Automator plugin <= 7.3.1.2 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...
CVE-2026-56030 WordPress Paytium plugin <= 5.0.2 - Privilege Escalation vulnerability
Unauthenticated Privilege Escalation in Paytium = 5.0.2 versions...
CVE-2026-56029 WordPress CorvusPay WooCommerce Payment Gateway plugin <= 2.7.4 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway = 2.7.4 versions...
CVE-2026-56027 WordPress Booster for WooCommerce plugin <= 8.0.1 - Arbitrary File Upload vulnerability
Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...
CVE-2026-56028 WordPress Easy Elements for Elementor – Addons & Website Templates plugin <= 1.4.9 - Privilege Escalation vulnerability
Unauthenticated Privilege Escalation in Easy Elements for Elementor Addons & Website Templates = 1.4.9 versions...
CVE-2026-56025 WordPress Paymob for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Paymob for WooCommerce = 4.1.2 versions...
CVE-2026-56026 WordPress utm.codes plugin <= 1.9.0 - Server Side Request Forgery (SSRF) vulnerability
Subscriber Server Side Request Forgery SSRF in utm.codes = 1.9.0 versions...
CVE-2026-56011 WordPress MapPress Maps for WordPress plugin <= 2.97.3 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in MapPress Maps for WordPress = 2.97.3 versions...
CVE-2026-56010 WordPress Abandoned Cart Pro for WooCommerce plugin <= 10.4.0 - Privilege Escalation vulnerability
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce = 10.4.0 versions...
CVE-2026-56008 WordPress Fusion Builder plugin <= 3.15.4 - Privilege Escalation vulnerability
Contributor Privilege Escalation in Fusion Builder = 3.15.4 versions...
CVE-2026-54847 WordPress Stylish Cost Calculator plugin <= 8.3.9 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Stylish Cost Calculator = 8.3.9 versions...
CVE-2026-54840 WordPress Newsletters plugin <= 4.13 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Newsletters = 4.13 versions...
CVE-2026-54846 WordPress Syncee Premium Dropshipping & Wholesale plugin <= 1.0.27 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Syncee Premium Dropshipping & Wholesale = 1.0.27 versions...
CVE-2026-54839 WordPress Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups plugin <= 2.0.9 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Trinity Backup Backup, Migrate, Restore, Clone & Schedule Backups = 2.0.9 versions...
CVE-2026-54835 WordPress Five Star Restaurant Menu plugin <= 2.5.2 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Five Star Restaurant Menu = 2.5.2 versions...
CVE-2026-54837 WordPress Intranet & Private Site – All-In-One Intranet plugin <= 1.8.1 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Intranet & Private Site All-In-One Intranet = 1.8.1 versions...
CVE-2026-54834 WordPress Object Cache 4 everyone plugin <= 2.3.2 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone = 2.3.2 versions...
CVE-2026-54833 WordPress Enable CORS plugin <= 2.0.3 - Backdoor vulnerability
Unauthenticated Backdoor in Enable CORS = 2.0.3 versions...
CVE-2026-54832 WordPress Gutenverse Companion plugin <= 2.5.0 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Gutenverse Companion = 2.5.0 versions...
CVE-2026-54831 WordPress GeoDirectory plugin <= 2.8.162 - SQL Injection vulnerability
Unauthenticated SQL Injection in GeoDirectory = 2.8.162 versions...
CVE-2026-54827 WordPress Real Estate 7 theme <= 3.5.9 - SQL Injection vulnerability
Unauthenticated SQL Injection in Real Estate 7 = 3.5.9 versions...
CVE-2026-54826 WordPress SupportCandy plugin <= 3.4.6 - Insecure Direct Object References (IDOR) vulnerability
Subscriber Insecure Direct Object References IDOR in SupportCandy = 3.4.6 versions...
CVE-2026-54825 WordPress wpDataTables plugin <= 7.4 - SQL Injection vulnerability
Unauthenticated SQL Injection in wpDataTables = 7.4 versions...
CVE-2026-54824 WordPress Ads by WPQuads plugin <= 3.0.3 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Ads by WPQuads = 3.0.3 versions...
CVE-2026-54820 WordPress JetBooking plugin <= 4.0.4.1 - SQL Injection vulnerability
Unauthenticated SQL Injection in JetBooking = 4.0.4.1 versions...
CVE-2026-52701 WordPress User Registration plugin <= 5.2.2 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in User Registration = 5.2.2 versions...
CVE-2025-68075 WordPress BNE Testimonials plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability
Contributor Cross Site Scripting XSS in BNE Testimonials = 2.0.8 versions...
CVE-2026-24547 WordPress SiteGround Email Marketing plugin <= 1.7.5 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in SiteGround Email Marketing = 1.7.5 versions...