418611 matches found
EUVD-2026-36981
Unauthenticated Arbitrary File Upload in GeekyBot = 1.2.2 versions...
EUVD-2026-36995
Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...
EUVD-2026-36982
Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress = 4.7.9 versions...
EUVD-2026-36997
Subscriber Broken Access Control in myCred = 3.0.3 versions...
EUVD-2026-36998
Subscriber Broken Access Control in Amelia = 2.2 versions...
EUVD-2026-36987
Unauthenticated Broken Authentication in ReviewX = 2.3.6 versions...
EUVD-2026-36994
Unauthenticated Cross Site Scripting XSS in WP Time Slots Booking Form = 1.2.46 versions...
EUVD-2026-36966
Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery = 2.6.62 versions...
EUVD-2026-36974
Unauthenticated Broken Access Control in Tutor LMS = 3.9.7 versions...
EUVD-2026-36961
Contributor PHP Object Injection in Events Calendar for GeoDirectory = 2.3.25 versions...
EUVD-2026-36964
Subscriber Cross Site Scripting XSS in Shipment Tracker for Woocommerce = 1.5.3.2 versions...
EUVD-2026-36971
Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...
EUVD-2026-36968
Unauthenticated Privilege Escalation in WP BASE Booking = 5.9.0 versions...
EUVD-2026-36965
Contributor Privilege Escalation in B Blocks = 2.0.31 versions...
EUVD-2026-36947
Unauthenticated SQL Injection in Form Maker by 10Web = 1.15.38 versions...
EUVD-2026-36970
Subscriber Broken Access Control in Ultra Addons for WPForms = 1.0.11 versions...
EUVD-2026-36962
Unauthenticated Broken Access Control in AWP Classifieds = 4.4.4 versions...
EUVD-2026-36973
Unauthenticated Broken Access Control in Redsys for WooCommerce Light = 7.0.0 versions...
EUVD-2026-36972
Unauthenticated Cross Site Scripting XSS in Notification for Telegram = 3.5 versions...
EUVD-2026-36963
Unauthenticated Broken Access Control in WP Directory Kit = 1.5.0 versions...
EUVD-2026-36969
Subscriber Arbitrary File Upload in WP-BusinessDirectory = 4.0.0 versions...
EUVD-2026-36960
Unauthenticated SQL Injection in SpeakOut! Email Petitions = 4.6.5 versions...
EUVD-2026-36967
Subscriber Broken Access Control in RepairBuddy = 4.1132 versions...
EUVD-2026-36959
Subscriber Arbitrary File Upload in WpStream 4.11.2 versions...
EUVD-2026-36975
Unauthenticated SQL Injection in WPGraphQL 2.11.1 versions...
EUVD-2026-36954
Subscriber Broken Access Control in Motors 1.4.107 versions...
EUVD-2026-36941
Author Arbitrary File Download in Download Monitor = 5.1.9 versions...
EUVD-2026-36957
Unauthenticated Broken Access Control in Masteriyo - LMS = 2.1.5 versions...
EUVD-2026-36937
Contributor PHP Object Injection in Post Duplicator = 3.0.10 versions...
EUVD-2026-36935
Author PHP Object Injection in ShortPixel Image Optimizer = 6.4.3 versions...
EUVD-2026-36939
Unauthenticated Sensitive Data Exposure in Backup Migration = 2.1.1 versions...
EUVD-2026-36927
Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.10.6 versions...
EUVD-2026-36948
Unauthenticated Broken Access Control in Easy Digital Downloads = 3.6.5 versions...
EUVD-2026-36931
Unauthenticated Cross Site Scripting XSS in ManageWP Worker = 4.9.31 versions...
EUVD-2026-36944
Unauthenticated SQL Injection in Simply Schedule Appointments = 1.6.9.27 versions...
EUVD-2026-36958
Unauthenticated Broken Access Control in Booking Activities = 1.16.48.1 versions...
EUVD-2026-36938
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...
EUVD-2026-36930
Unauthenticated Cross Site Scripting XSS in WP Google Review Slider = 18.0 versions...
EUVD-2026-36945
Shop manager PHP Object Injection in YayMail = 4.3.3 versions...
EUVD-2026-36940
Author PHP Object Injection in Modula Image Gallery = 2.14.18 versions...
EUVD-2026-36932
Editor Remote Code Execution RCE in Responsive Slider by MetaSlider = 3.106.0 versions...
EUVD-2026-36933
Contributor Arbitrary File Deletion in Meta Box – WordPress Custom Fields Framework = 5.11.1 versions...
EUVD-2026-36942
Subscriber Cross Site Scripting XSS in JupiterX Core = 4.14.1 versions...
EUVD-2026-36929
Subscriber Broken Authentication in FunnelKit Automations = 3.7.3 versions...
EUVD-2026-36928
Unauthenticated Cross Site Scripting XSS in Contact Form to Any API = 3.0.3 versions...
EUVD-2026-36936
Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips 5.9.0 versions...
EUVD-2026-36934
Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery 2.1.0 versions...
EUVD-2026-36951
Unauthenticated SQL Injection in GeoDirectory = 2.8.152 versions...
EUVD-2026-36956
Unauthenticated SQL Injection in GeekyBot = 1.2.0 versions...
EUVD-2026-36946
Shop manager PHP Object Injection in Advanced Product Fields Product Addons for WooCommerce = 1.6.19 versions...