Lucene search

417564 matches found

EUVD-2026-40909 (EUVD, added 4 days ago)
The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animationeffect setting before it is rendered inside a...
CVSS 6.4 | AI score 5.9 | EPSS 0.00156 | Exploits: 0 | References: 2

EUVD-2026-40907 (EUVD, added 4 days ago)
The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences ('CRLF Injection') in all versions up to, and including, 1.10.2. This is due to getreplytoaddress processing the Reply-To...
CVSS 5.3 | AI score 5.9 | EPSS 0.00343 | Exploits: 0 | References: 11

EUVD-2026-40908 (EUVD, added 4 days ago)
The WP-BusinessDirectory plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Deletion in versions up to and including 4.0.1. This is due to insufficient path validation in the remove method of the JBusinessDirectoryControllerUpload class. The task=upload.remove endpoint is...
CVSS 9.1 | AI score 5.8 | EPSS 0.00409 | Exploits: 0 | References: 5

EUVD-2026-40906 (EUVD, added 4 days ago)
The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.9.1 via the 'userId' parameter due to missing validation on a user controlled key. This makes it possible for...
CVSS 6.5 | AI score 5.8 | EPSS 0.00275 | Exploits: 0 | References: 8

EUVD-2026-40904 (EUVD, added 4 days ago)
The Event Organiser plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.12.9. This is due to the 'eoevents' shortcode accepting attacker-controlled 'noevents' content and rendering it in event list templates without output escaping. This makes...
CVSS 6.4 | AI score 5.9 | EPSS 0.00156 | Exploits: 0 | References: 2

EUVD-2026-40903 (EUVD, added 4 days ago)
The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.02 via the cpabcappointmentsfilterlist. This makes it possible for authenticated attackers, with contributor-level access and above, to extract customer...
CVSS 4.3 | AI score 5.8 | EPSS 0.00228 | Exploits: 0 | References: 8

EUVD-2026-40905 (EUVD, added 4 days ago)
The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.15.3. This is due to missing nonce validation on the givesetnotificationstatushandler function. This makes it possible for unauthenticated attackers to disable donation email notificatio...
CVSS 4.3 | AI score 5.6 | EPSS 0.00154 | Exploits: 0 | References: 9

EUVD-2026-40902 (EUVD, added 4 days ago)
The Custom Payment Gateways for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'algwccpginputfields' parameter in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVSS 7.2 | AI score 5.9 | EPSS 0.00247 | Exploits: 0 | References: 8

EUVD-2026-40901 (EUVD, added 4 days ago)
Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS. This issue affects Mediawiki - Cargo Extension: from before 3.9.1...
CVSS 6.9 | AI score 5.8 | EPSS 0.00268 | Exploits: 0 | References: 2

EUVD-2026-40900 (EUVD, added 4 days ago)
Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - RedirectManager Extension allows Cross Site Request Forgery. This issue affects Mediawiki - RedirectManager Extension: from before 1.3.3...
CVSS 6.9 | AI score 5.8 | EPSS 0.00157 | Exploits: 0 | References: 2

EUVD-2026-40897 (EUVD, added 4 days ago)
The Youtube Showcase plugin for WordPress is vulnerable to Arbitrary Function Call in versions up to and including 4.0.3. This is due to insufficient validation of the 'path' parameter in the emddeletefile AJAX handler in includes/common-functions.php. The user-supplied value is passed through...
CVSS 7.5 | AI score 5.9 | EPSS 0.00319 | Exploits: 0 | References: 5

EUVD-2026-40898 (EUVD, added 4 days ago)
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to generic SQL Injection via the 'wppmprojfilter' parameter in all versions up to, and including, 5.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficie...
CVSS 6.5 | AI score 5.9 | EPSS 0.00319 | Exploits: 0 | References: 9

EUVD-2026-40899 (EUVD, added 4 days ago)
The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'videoplayer' shortcode 'align' attribute in all versions up to, and including, 7.5.51.7212 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVSS 6.4 | AI score 5.9 | EPSS 0.00205 | Exploits: 0 | References: 6

EUVD-2026-40896 (EUVD, added 4 days ago)
The Wp Google Places Review Slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'place' parameter in versions up to, and including, 18.1. This is due to insufficient input sanitization and output escaping in admin/partials/googlecrawldfs.php, where the $_GET['place']...
CVSS 6.1 | AI score 5.9 | EPSS 0.00211 | Exploits: 0 | References: 5

EUVD-2026-40895 (EUVD, added 4 days ago)
The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVSS 4.3 | AI score 5.9 | EPSS 0.00272 | Exploits: 0 | References: 10

EUVD-2026-40894 (EUVD, added 4 days ago)
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to generic SQL Injection via the 'tasksearch' parameter in all versions up to, and including, 5.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVSS 6.5 | AI score 5.8 | EPSS 0.00328 | Exploits: 0 | References: 11

EUVD-2026-40893 (EUVD, added 4 days ago)
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Lesson Attachment Title in all versions up to, and including, 3.9.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVSS 6.4 | AI score 5.9 | EPSS 0.00206 | Exploits: 0 | References: 8

EUVD-2026-40891 (EUVD, added 4 days ago)
The Kali Forms — Contact Form & Drag-and-Drop Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'metakaliformsfieldcomponents' parameter in all versions up to, and including, 2.4.13 due to insufficient input sanitization and output escaping. This makes it possible...
CVSS 6.4 | AI score 5.9 | EPSS 0.00241 | Exploits: 0 | References: 10

EUVD-2026-40892 (EUVD, added 4 days ago)
The Visualizer – Tables & Charts Manager with Built-in AI Generator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.0.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVSS 7.5 | AI score 5.6 | EPSS 0.00367 | Exploits: 0 | References: 8

EUVD-2026-40889 (EUVD, added 4 days ago)
The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'conversation' parameter in all versions up to, and including, 8.4.9 due to insufficient input sanitization and output escaping. This makes it possible f...
CVSS 7.2 | AI score 5.9 | EPSS 0.00241 | Exploits: 0 | References: 7

EUVD-2026-40890 (EUVD, added 4 days ago)
The Kadence Blocks – Gutenberg Blocks for Page Builder Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.7. This is due to a mismatch between the object used for authorization and the object actually accessed in the...
CVSS 4.3 | AI score 5.8 | EPSS 0.00293 | Exploits: 0 | References: 20

EUVD-2026-40888 (EUVD, added 4 days ago)
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blockid' and other shortcode attributes of the 'givewpcampaigncomments' shortcode in versions up to, and including, 4.16.0. This is due to insufficient input sanitizati...
CVSS 6.4 | AI score 5.9 | EPSS 0.00241 | Exploits: 0 | References: 12

EUVD-2026-40887 (EUVD, added 4 days ago)
The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Missing Authorization to Arbitrary Group Deletion in versions up to, and including, 5.7.8. This is due to a missing capability check in the joomsportseasongroupdel AJAX handler, which only...
CVSS 4.3 | AI score 5.9 | EPSS 0.0025 | Exploits: 0 | References: 10

EUVD-2026-40886 (EUVD, added 4 days ago)
UltraVNC repeater through 1.8.2.2 contains a global buffer overflow in its embedded HTTP administration server. The functions wisenderr and wireplyhdr in repeater/webgui/webutils.c write the caller-supplied HTTP request URI into a fixed 1000-byte global buffer hdrbuf via unchecked sprintf calls...
CVSS 9.8 | AI score 6.6 | EPSS 0.01203 | Exploits: 0 | References: 2

EUVD-2026-40885 (EUVD, added 4 days ago)
UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password. In repeater/webgui/settings.c:197, when settings2.txt is absent on first run the repeater writes the literal string "adminadmi2" as the admin password via strcpy_s(savedpassword, 64, ...
CVSS 9.1 | AI score 5.8 | EPSS 0.00326 | Exploits: 0 | References: 2

EUVD-2026-40884 (EUVD, added 4 days ago)
UltraVNC viewer through 1.8.2.2 contains an integer overflow leading to a heap buffer overflow in the RFB protocol failure-response parsing path. In vncviewer/ClientConnection.cpp, the 4-byte network-supplied reasonLen field (type CARD32) is passed as reasonLen+1 to CheckBufferSize. Because both...
CVSS 8.8 | AI score 6.6 | EPSS 0.01152 | Exploits: 0 | References: 2

EUVD-2026-40883 (EUVD, added 4 days ago)
UltraVNC viewer through 1.8.2.2 contains an off-by-one stack buffer overflow in the RFB ServerInit message handler. In vncviewer/ClientConnection.cpp, when the server-supplied nameLength equals exactly 2024 the code declares a 2024-byte stack buffer dn[2024] and calls ReadString(dn, 2024). ReadString...
CVSS 7.6 | AI score 6.1 | EPSS 0.00416 | Exploits: 0 | References: 2

EUVD-2026-40882 (EUVD, added 4 days ago)
UltraVNC through 1.8.2.2 uses inadequate cryptography in the MS-Logon II authentication scheme (rfbUltraVNCMsLogonIIAuth). In rfb/dh.cpp the Diffie-Hellman key exchange is performed with parameters that fit in an unsigned 64-bit integer (DHMAXBITS controls the prime size). A 64-bit DH key can be brok...
CVSS 7.4 | AI score 5.8 | EPSS 0.00183 | Exploits: 0 | References: 2

EUVD-2026-40881 (EUVD, added 4 days ago)
UltraVNC repeater through 1.8.2.2 contains a post-authentication out-of-bounds write in the allow/deny rule parser. In repeater/webgui/settings.c:225-272, after strncpy_s copies a rule token into temp1/rule1 (25-byte destination) or temp2/temp3 (16-byte destination), the code unconditionally writes a N...
CVSS 9.1 | AI score 6.3 | EPSS 0.00504 | Exploits: 0 | References: 2

EUVD-2026-40880 (EUVD, added 4 days ago)
UltraVNC repeater through 1.8.2.2 contains an integer overflow in the HTTP request logging path. In repeater/webgui/settings.c:336, the winlog function allocates list nodes via malloc(sizeof(struct LIST) + strlen(line)), where line is derived from HTTP request URIs. If strlen(line) is sufficiently large, ...
CVSS 5.3 | AI score 6.2 | EPSS 0.00839 | Exploits: 0 | References: 2

EUVD-2026-40879 (EUVD, added 4 days ago)
UltraVNC through 1.8.2.2 uses a cryptographically weak pseudo-random number generator to produce VNC authentication challenge bytes. In rfb/vncauth.c:119-129, the vncRandomBytes function seeds libc rand() with time(0) + getpid() + rand() and generates a 16-byte challenge. The combined seed space is...
CVSS 4.8 | AI score 5.8 | EPSS 0.00221 | Exploits: 0 | References: 2

EUVD-2026-40878 (EUVD, added 4 days ago)
UltraVNC through 1.8.2.2 contains an out-of-bounds read in the wide-string to multibyte conversion helper. In rfb/dh.cpp:204, the vncWc2Mb function passes a caller-supplied WCHAR pointer to wcslen before any bounds check. If the caller provides a wide-character buffer that is not properly...
CVSS 4.3 | AI score 5.9 | EPSS 0.00255 | Exploits: 0 | References: 2

EUVD-2026-40877 (EUVD, added 4 days ago)
UltraVNC repeater through 1.8.2.2 contains an off-by-one error in the Base64 decode helper used for HTTP Basic authentication. In repeater/webgui/webutils.c:817, the wiuudecode function checks whether the input length exceeds the output buffer with a strict greater-than comparison, while the...
CVSS 3.7 | AI score 6 | EPSS 0.00313 | Exploits: 0 | References: 2

EUVD-2026-40876 (EUVD, added 4 days ago)
In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309...
CVSS 6.7 | AI score 5.8 | EPSS 0.0011 | Exploits: 0 | References: 1

EUVD-2026-40875 (EUVD, added 4 days ago)
In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS11006447; Issue ID: MSV-7871...
CVSS 6.7 | AI score 6.1 | EPSS 0.00111 | Exploits: 0 | References: 1

EUVD-2026-40874 (EUVD, added 4 days ago)
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation...
CVSS 5.3 | AI score 6 | EPSS 0.0018 | Exploits: 0 | References: 1

EUVD-2026-40873 (EUVD, added 4 days ago)
In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...
CVSS 5.3 | AI score 6 | EPSS 0.00172 | Exploits: 0 | References: 1

EUVD-2026-40872 (EUVD, added 4 days ago)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...
CVSS 5.3 | AI score 6 | EPSS 0.00167 | Exploits: 0 | References: 1

EUVD-2026-40871 (EUVD, added 4 days ago)
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...
CVSS 7.5 | AI score 6 | EPSS 0.00202 | Exploits: 0 | References: 1

EUVD-2026-40870 (EUVD, added 4 days ago)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...
CVSS 5.3 | AI score 6 | EPSS 0.0018 | Exploits: 0 | References: 1

EUVD-2026-40869 (EUVD, added 4 days ago)
An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in WinRAR and UnRAR (RecVolumes5::ReadHeader in recvol5.cpp). The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated again...
CVSS 7.8 | AI score 7.4 | EPSS 0.1308 | Exploits: 1 | References: 2

EUVD-2026-40862 (EUVD, added 4 days ago)
An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1...
CVSS 6.5 | AI score 5.9 | EPSS 0.00193 | Exploits: 0 | References: 3

EUVD-2026-40861 (EUVD, added 4 days ago)
A malicious LDAP server, which a Thunderbird user is configured to query for address-book autocomplete, can stash arbitrarily large amounts of attacker-supplied data into the Thunderbird LDAP client until it crashes due to memory exhaustion. This vulnerability was fixed in Thunderbird 152.0.1 and...
CVSS 5.3 | AI score 5.8 | EPSS 0.00217 | Exploits: 0 | References: 3

EUVD-2026-40449 (EUVD, added 4 days ago)
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...
CVSS 6.3 | AI score 5.8 | EPSS 0.00229 | Exploits: 0 | References: 3

EUVD-2026-40453 (EUVD, added 4 days ago)
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree (AST) security validator bypass in the Python Code node. An authenticated user with permission to create or modify workflows containing a Python Code node can bypass the validator and access the task executor module...
CVSS 5.3 | AI score 5.8 | EPSS 0.00245 | Exploits: 0 | References: 3

EUVD-2026-40845 (EUVD, added 4 days ago)
Storage Concentrator SC & SCVM contains a command injection vulnerability in the msservice.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a...
CVSS 10 | AI score 6.2 | EPSS 0.03081 | Exploits: 0 | References: 4

EUVD-2026-40844 (EUVD, added 4 days ago)
Storage Concentrator SC & SCVM contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization,...
CVSS 10 | AI score 6.2 | EPSS 0.03074 | Exploits: 0 | References: 4

EUVD-2026-40454 (EUVD, added 4 days ago)
phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in GroupController::updatePermissions that allows GROUPEDIT administrators to grant arbitrary rights to groups without verifying they hold those rights themselves. A delegated administrator can exploit this by assigning high-valu...
CVSS 8.8 | AI score 5.8 | EPSS 0.00325 | Exploits: 0 | References: 3

EUVD-2026-40451 (EUVD, added 4 days ago)
Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint that allows authenticated users to bypass SSRF protections. Attackers can manipulate URL parameters with location redirect headers to access internal services and potentiall...
CVSS 5.3 | AI score 5.8 | EPSS 0.0032 | Exploits: 0 | References: 4

EUVD-2026-40452 (EUVD, added 4 days ago)
Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize calls - in Scheduler\JobQueue, Framework\Cache\Adapter\FileCache, and Session - deserialize untrusted data without restricting allowed classes, enabling PHP object injection and, via a gadget...
CVSS 9.8 | AI score 6.4 | EPSS 0.01683 | Exploits: 0 | References: 3

Total number of security vulnerabilities: 417564