Lucene search
+L
CvelistRecent

366585 matches found

cvelist
cvelist
added 53 minutes ago3 views

CVE-2023-49899 Origin Validation Error in X-Rite MA-T6

An unauthenticated remote attacker can execute any command on the affected device due to not correctly verifying the origin of a communication channel...

9.8CVSS
Exploits0References1
cvelist
cvelist
added 53 minutes ago3 views

CVE-2023-49900 Origin Validation Error in X-Rite MA-T6

An unauthenticated remote attacker is able to perform remote code execution due to incorrectly sanitized user input in the SetParameter command...

9.8CVSS
Exploits0References1
cvelist
cvelist
added 2 hours ago7 views

CVE-2026-22752 Spring Security Authorization Server Dynamic Client Registration endpoints perform insufficient validation of client metadata

Authentication bypass by primary weakness vulnerability in Spring Security Spring Authorization Server. This issue affects Spring Authorization Server: from 7.0.0 through 7.0.4, from 1.5.0 through 1.5.6, from 1.4.0 through 1.4.9, from 1.3.0 through 1.3.10...

9.6CVSS
Exploits0References1
cvelist
cvelist
added 2 hours ago10 views

CVE-2026-6424 Use-after-free vulnerability in ESET security products for Linux

Use-after-free vulnerability in ESET Linux products potentially allowed an attacker to trigger kernel panic on the system...

6.7CVSS
Exploits0References1
cvelist
cvelist
added 2 hours ago6 views

CVE-2026-15324 SysBasics Customize My Account for WooCommerce <= 4.4.14 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'row_type' Parameter

The SysBasics Customize My Account for WooCommerce – Live My Account Customizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rowtype' parameter in all versions up to, and including, 4.4.14 due to insufficient input sanitization and output escaping. This makes it...

4.4CVSS
Exploits0References8
cvelist
cvelist
added 2 hours ago9 views

CVE-2026-15021 wpForo Forum <= 3.1.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'location' Profile Field

The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'location' Profile Field in all versions up to, and including, 3.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access...

6.4CVSS
Exploits0References8
cvelist
cvelist
added 2 hours ago7 views

CVE-2026-15103 WPFunnels <= 3.12.8 - Authenticated (Funnel Manager+) Privilege Escalation via 'group_id' Path Parameter

The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Privilege Escalation via arbitrary option update in all versions up to, and including, 3.12.8. This is due to the updatesettings REST callback failing to validate the groupid path...

8.8CVSS
Exploits0References6
cvelist
cvelist
added 2 hours ago6 views

CVE-2026-15727 WP Bulk Delete <= 1.4.2 - Authenticated (Administrator+) SQL Injection via 'delete_user_roles' Parameter

The WP Bulk Delete plugin for WordPress is vulnerable to generic SQL Injection via the 'deleteuserroles' parameter in all versions up to, and including, 1.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

4.9CVSS
Exploits0References10
cvelist
cvelist
added 2 hours ago7 views

CVE-2026-13741 Digits: WordPress Mobile Number Signup and Login <= 9.1.0.5 - Authenticated (Subscriber+) Privilege Escalation via 'digits_reg_userrole' Parameter

The Digits: WordPress Mobile Number Signup and Login plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 9.1.0.5. This is due to missing authorization and role validation in the digupdatewpwccustomfields function. This makes it possible for authenticat...

8.8CVSS
Exploits0References2
cvelist
cvelist
added 2 hours ago9 views

CVE-2026-15005 Loco Translate <= 2.8.5 - Cross-Site Request Forgery to Remote Code Execution via 'template' Parameter

The Loco Translate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.5. This is due to missing or incorrect nonce validation on the execTemplate function. This makes it possible for unauthenticated attackers to execute arbitrary PHP code on...

8.8CVSS
Exploits0References10
cvelist
cvelist
added 2 hours ago7 views

CVE-2026-58078 Joomla Extension - themexpert.com - Unauthenticated SQL injection in Quix Page Builder Pro < 6.2.1

The Joomla extension Quix Page Builder Pro is vulnerable to an unauthenticated SQL injection...

8.7CVSS
Exploits0References2
cvelist
cvelist
added 3 hours ago7 views

CVE-2026-6423 Local privilege escalation via unauthenticated ALPC in ESET Inspect Connector

A local privilege escalation vulnerability in ESET Inspect Connector. The vulnerability was caused by improper authentication in an IPC channel...

8.5CVSS
Exploits0References1
cvelist
cvelist
added 3 hours ago9 views

CVE-2026-13755 Tickera <= 3.6.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'price_wrapper' Shortcode Attribute

The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'pricewrapper' Shortcode Attribute in all versions up to, and including, 3.6.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS
Exploits0References5
cvelist
cvelist
added 3 hours ago6 views

CVE-2026-15610 WPBot <= 8.5.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary RAG Document Re-Sync via ajax_rag_manual_sync() Function

The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS
Exploits0References8
cvelist
cvelist
added 3 hours ago5 views

CVE-2026-15106 WPBot <= 8.5.6 - Missing Authorization to Unauthenticated Arbitrary Chat Session Deletion via 'userid' Parameter

The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

5.3CVSS
Exploits0References8
cvelist
cvelist
added 3 hours ago6 views

CVE-2026-15651 WP TripAdvisor Review Slider <= 14.6 - Authenticated (Administrator+) SQL Injection via 'filtersource' Parameter

The WP TripAdvisor Review Slider plugin for WordPress is vulnerable to generic SQL Injection via the 'filtersource' parameter in all versions up to, and including, 14.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

4.9CVSS
Exploits0References6
cvelist
cvelist
added 3 hours ago4 views

CVE-2026-15407 Themify Builder <= 7.7.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Stylesheet Write/Delete via tb_generate_on_fly AJAX Action

The Themify Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 7.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS
Exploits0References10
cvelist
cvelist
added 3 hours ago9 views

CVE-2026-15008 Uncanny Automator <= 7.3.1.4 - Unauthenticated PHP Object Injection to Arbitrary File Deletion via Forminator Submitted-Field Token

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the frtoken function in all versions up to, and including, 7.3.1.4. This makes it possible for...

8.1CVSS
Exploits0References7
cvelist
cvelist
added 3 hours ago4 views

CVE-2026-15022 Tutor LMS <= 4.0.0 - Authenticated (Subscriber+) SQL Injection via Stored Quiz Answer Array

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to generic SQL Injection via Stored Quiz Answer Array in all versions up to, and including, 4.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

6.5CVSS
Exploits0References13
cvelist
cvelist
added 3 hours ago4 views

CVE-2026-13754 Tickera <= 3.6.0.0 - Authenticated (Staff+) SQL Injection via 's' Parameter

The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, and including, 3.6.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

6.5CVSS
Exploits0References5
cvelist
cvelist
added 3 hours ago5 views

CVE-2026-7543 Breakdance <= 2.7.1 - Unauthenticated Stored Cross-Site Scripting via Webhook Action Details

The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fields' parameter in versions up to, and including, 2.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

7.2CVSS
Exploits0References2
cvelist
cvelist
added 3 hours ago7 views

CVE-2026-15350 The Cache Purger <= 2.3.20 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Log Deletion via 'the_log_purge' Parameter

The The Cache Purger plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.3.20. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS
Exploits0References6
cvelist
cvelist
added 3 hours ago6 views

CVE-2026-13767 Quiz and Survey Master (QSM) <= 11.2.0 - Authenticated (Custom+) SQL Injection via 'pages' Parameter

The Quiz Master Next plugin for WordPress is vulnerable to SQL Injection via stored quiz page data in versions up to, and including, 11.2.0. This is due to insufficient escaping on the user-supplied 'pages' parameter persisted by the qsmajaxsavepages AJAX handler sanitizetextfield only and lack o...

6.5CVSS
Exploits0References5
cvelist
cvelist
added 3 hours ago5 views

CVE-2026-15099 WP Delicious <= 1.10.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'steps' Block Attribute

The Delicious Recipes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'steps' block attribute in versions up to, and including, 1.10.2. This is due to insufficient input sanitization and output escaping in the wrapdirectiontext function, which interpolates the...

6.4CVSS
Exploits0References5
cvelist
cvelist
added 5 hours ago6 views

CVE-2026-12979 FunnelKit < 3.15.0.6 - Admin+ Arbitrary File Deletion via Path Traversal in Template Importer

The FunnelKit WordPress plugin before 3.15.0.6 does not validate a user-supplied path before deleting a file during a template-import operation, allowing users with administrator privileges to delete arbitrary .json files outside the intended directory through path traversal, which can disable...

Exploits0References1
cvelist
cvelist
added 5 hours ago7 views

CVE-2026-12684 Customer Reviews for WooCommerce < 5.113.0 - Unauthenticated Arbitrary Media Upload via cr_upload_media

The Customer Reviews for WooCommerce WordPress plugin before 5.113.0 does not perform authentication, capability, or nonce checks on one of its media upload AJAX actions when the review media attachment feature is enabled, allowing unauthenticated users to upload media files bounded to an image a...

Exploits0References1
cvelist
cvelist
added 5 hours ago5 views

CVE-2026-12869 Header Footer Builder for Elementor < 1.2.1 - Contributor+ Stored XSS via Template Import

The Header Footer Builder for Elementor WordPress plugin before 1.2.1 does not require an administrative capability for its dashboard template-import action it allows any editposts user, so a Contributor can import a template containing an Elementor HTML widget configured to display site-wide,...

Exploits0References1
cvelist
cvelist
added 5 hours ago8 views

CVE-2026-12906 RTMKit Addons for Elementor < 2.0.9 - Contributor+ Private Post Title Disclosure

The RTMKit WordPress plugin before 2.0.9 does not perform a capability check in one of its AJAX actions and resolves a request-supplied post identifier directly, allowing users with at least the Contributor role to read the titles of other users' private, draft, pending, scheduled and trashed pos...

Exploits0References1
cvelist
cvelist
added 5 hours ago6 views

CVE-2026-12907 RTMKit Addons for Elementor < 2.0.9 - Author+ Site-Wide Theme Builder Template Creation and Activation

The RTMKit WordPress plugin before 2.0.9 does not perform a proper capability check on one of its -builder AJAX actions, allowing users with at least the Author role to create and activate a site-wide template that overrides the header, footer or other global areas displayed to all visitors, whic...

Exploits0References1
cvelist
cvelist
added 5 hours ago5 views

CVE-2026-12978 FunnelKit < 3.15.0.6 - Reflected XSS via Divi Optin Form

The FunnelKit WordPress plugin before 3.15.0.6 does not escape a user-supplied parameter before reflecting it into the HTML response of one of its page-builder AJAX actions, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting against logged-in users who open a crafted pag...

Exploits0References1
cvelist
cvelist
added 5 hours ago6 views

CVE-2026-12492 Happy Coders OTP Login for WooCommerce < 2.8 - Unauthenticated Account Takeover via hcotp_auto_login_user

The Happy Coders OTP Login for WooCommerce WordPress plugin before 2.8 does not verify that a one-time password was actually validated before authenticating a user based on a supplied identifier, allowing unauthenticated attackers to log in as any existing user, including administrators, as well ...

Exploits0References1
cvelist
cvelist
added 5 hours ago6 views

CVE-2026-12510 AI Engine < 3.5.5 - Subscriber+Chatbot Discussion Disclosure and Takeover via IDOR

The AI Engine WordPress plugin before 3.5.5 does not verify that a user owns the chatbot conversation referenced by a client-supplied identifier, allowing users with subscriber-level access to read other users' private conversations and take over their conversation records when the discussions...

Exploits0References1
cvelist
cvelist
added 5 hours ago4 views

CVE-2026-12525 Redux Framework < 4.5.13 - Subscriber+ Privilege Escalation to Administrator

The Redux Framework WordPress plugin before 4.5.13 does not restrict which user meta keys can be written when saving custom profile fields, allowing users with at least the Subscriber role to escalate their privileges to Administrator by submitting a crafted value while updating their own profile...

Exploits0References1
cvelist
cvelist
added 5 hours ago10 views

CVE-2026-12585 Abandoned Cart Lite for WooCommerce < 6.8.2 - Unauthenticated Account Takeover via Malleable Recovery-Link Token

The Abandoned Cart Lite for WooCommerce WordPress plugin before 6.8.2 does not protect the integrity of its cart-recovery tokens or bind them to the requesting account, allowing unauthenticated attackers to forge a recovery link that logs them in as another user when the automatic-login option is...

Exploits0References1
cvelist
cvelist
added 5 hours ago5 views

CVE-2026-12395 WP Job Portal < 2.5.5 - Subscriber+ SQL Injection via Applied Resumes 'ta' Parameter

The WP Job Portal WordPress plugin before 2.5.5 does not properly sanitize and escape a parameter before using it in a SQL query, allowing authenticated users with a subscriber-level self-registerable account to perform SQL injection attacks...

Exploits0References1
cvelist
cvelist
added 5 hours ago6 views

CVE-2026-11866 LatePoint < 5.6.3 - Multiple Privileged Actions via CSRF

The Appointment Booking Plugin WordPress plugin before 5.6.3 does not validate a CSRF nonce on several state-changing actions handled by its central request dispatcher, allowing attackers to perform privileged actions, such as overwriting the booking-form configuration or disconnecting the...

Exploits0References1
cvelist
cvelist
added 5 hours ago6 views

CVE-2026-11371 BetterDocs < 4.5.5 - Unauthenticated Stored XSS via AI Doc Summarizer Prompt Injection

The BetterDocs WordPress plugin before 4.5.5 does not sanitise an AI-generated documentation summary before storing and outputting it, and the feature that generates it is exposed to unauthenticated users, allowing them to store a malicious payload via prompt injection that executes in the browse...

Exploits0References1
cvelist
cvelist
added 5 hours ago7 views

CVE-2026-15925 Improper TLS Hostname Verification in Snowflake Connector for Python

Improper TLS hostname verification in Snowflake Connector for Python versions prior to 4.7.1 may have allowed a network-positioned attacker to bypass certificate hostname validation on HTTPS connections made by the connector. An attacker with on-path network access could exploit this by...

9.2CVSS
Exploits0References1
cvelist
cvelist
added 5 hours ago7 views

CVE-2026-53366 ipv4: account for fraggap on the paged allocation path

In the Linux kernel, the following vulnerability has been resolved: ipv4: account for fraggap on the paged allocation path In ipappenddata, when the paged-allocation branch is taken, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen; pagedlen = datalen - transhdrlen;...

Exploits0References5
cvelist
cvelist
added 7 hours ago12 views

CVE-2026-15013 SAML Single Sign On <= 5.4.3 - Unauthenticated Authentication Bypass via 'SAMLResponse' Parameter Signature Algorithm Confusion

The SAML Single Sign On – SSO Login plugin for WordPress is vulnerable to Authentication Bypass via SAML Signature Algorithm Confusion in all versions up to, and including, 5.4.3. The vulnerability exists because MoSAMLUtilities::mosamlcastkey reads the SignatureMethod Algorithm attribute directl...

9.8CVSS
Exploits0References7
cvelist
cvelist
added 7 hours ago9 views

CVE-2026-15458 SEO Booster <= 7.3.1 - Authenticated (Administrator+) SQL Injection via 'sort_field' Parameter

The SEO Booster plugin for WordPress is vulnerable to generic SQL Injection via the 'sortfield' parameter in all versions up to, and including, 7.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...

4.9CVSS
Exploits0References5
cvelist
cvelist
added 7 hours ago11 views

CVE-2026-13042 RPB Chessboard <= 8.1.2 - Unauthenticated Stored Cross-Site Scripting via Comment Content

The RPB Chessboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Comment Content in all versions up to, and including, 8.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

7.2CVSS
Exploits0References8
cvelist
cvelist
added 7 hours ago10 views

CVE-2026-15445 SEO Booster <= 7.3.1 - Authenticated (Administrator+) SQL Injection via 'orderby' Parameter

The SEO Booster plugin for WordPress is vulnerable to time-based SQL Injection via the 'orderby' parameter in all versions up to, and including, 7.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

4.9CVSS
Exploits0References5
cvelist
cvelist
added 7 hours ago9 views

CVE-2026-15306 Product Feed Manager For WooCommerce <= 7.6.1 - Reflected Cross-Site Scripting via 's' Search Parameter

The Product Feed Manager For WooCommerce – Sell on 200+ Online Marketplaces plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via 's' Search Parameter in all versions up to, and including, 7.6.1 due to insufficient input sanitization and output escaping. This makes it possible...

6.1CVSS
Exploits0References6
cvelist
cvelist
added 7 hours ago9 views

CVE-2026-21729 Loki detected_fields query limits results in unbounded memory allocation

Loki queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy...

7.5CVSS
Exploits0References1
cvelist
cvelist
added 8 hours ago8 views

CVE-2026-15652 Easy Accordion <= 3.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'align' Block Attribute

The Easy Accordion – AI-Powered FAQ & Accordion Blocks, Product FAQ plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'align' Block Attribute in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS
Exploits0References5
cvelist
cvelist
added 8 hours ago6 views

CVE-2026-12941 MultiVendorX <= 5.0.9 - Authenticated (Store Owner+) SQL Injection via 'order_by' Parameter

The MultiVendorX – WooCommerce Multivendor Marketplace AI Powered Solutions plugin for WordPress is vulnerable to generic SQL Injection via the 'orderby' parameter in all versions up to, and including, 5.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient...

6.5CVSS
Exploits0References5
cvelist
cvelist
added 8 hours ago10 views

CVE-2026-12409 Landing Page Builder <= 1.5.3.6 - Cross-Site Request Forgery to ulpb_admin_data AJAX Action

The Landing Page Builder – Coming Soon page, Maintenance Mode, Lead Page, WordPress Landing Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.3.6. This is due to missing or incorrect nonce validation on the ulpbadminajax function. Thi...

4.3CVSS
Exploits0References6
cvelist
cvelist
added 8 hours ago11 views

CVE-2026-14987 GiveWP <= 4.16.3 - Authenticated (Give Worker+) Stored Cross-Site Scripting via 'twitter_message' Sequoia Template Setting

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'twittermessage' Sequoia Template Setting in all versions up to, and including, 4.16.3 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS
Exploits0References8
cvelist
cvelist
added 8 hours ago6 views

CVE-2026-12434 List category posts <= 0.95.0 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via 'post_status' Shortcode Attribute

The List category posts plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.95.0 via the sanitizestatus. This makes it possible for authenticated attackers, with contributor-level access and above, to extract titles, full content, excerpts,...

4.3CVSS
Exploits0References6
Total number of security vulnerabilities366585