417634 matches found
EUVD-2026-39714
Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...
EUVD-2026-39713
Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...
EUVD-2026-39711
Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...
EUVD-2026-39712
Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...
EUVD-2026-39710
Subscriber PHP Object Injection in RealHomes = 4.5.3 versions...
EUVD-2026-39708
Unauthenticated Cross Site Scripting XSS in perfmatters = 2.6.3 versions...
EUVD-2026-39709
Unauthenticated Insecure Direct Object References IDOR in Payment Gateway Based Fees and Discounts for WooCommerce = 3.0.0 versions...
EUVD-2026-39707
Subscriber Cross Site Scripting XSS in ListingPro = 2.9.11 versions...
EUVD-2026-39706
Unauthenticated Cross Site Scripting XSS in Automatic 3.135.1 versions...
EUVD-2026-39705
Unauthenticated Cross Site Scripting XSS in Blog2Social = 8.9.2 versions...
EUVD-2026-39704
Unauthenticated Cross Site Scripting XSS in Customer Reviews for WooCommerce = 5.110.1 versions...
EUVD-2026-39702
Unauthenticated Cross Site Scripting XSS in Gutenverse Form = 2.4.7 versions...
EUVD-2026-39703
Unauthenticated Cross Site Scripting XSS in Responsive Lightbox = 2.7.6 versions...
EUVD-2026-39701
Unauthenticated Cross Site Scripting XSS in Quick Interest Slider = 3.1.6 versions...
EUVD-2026-39699
Unauthenticated SQL Injection in 워드프레스 결제 심플페이 = 5.5.6 versions...
EUVD-2026-39700
Contributor Privilege Escalation in Frisbii Pay = 1.8.2 versions...
EUVD-2026-39698
Unauthenticated Multiple Vulnerabilities in BitFire Security = 5.0.3 versions...
EUVD-2026-39696
Unauthenticated Privilege Escalation in Dokan Pro = 5.0.4 versions...
EUVD-2026-39697
Unauthenticated SQL Injection in Library Management System = 3.5.7 versions...
EUVD-2026-39695
Subscriber PHP Object Injection in Buddyboss Platform = 3.0.4 versions...
EUVD-2026-39693
Unauthenticated Privilege Escalation in Paytium = 5.0.2 versions...
EUVD-2026-39694
Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...
EUVD-2026-39692
Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway = 2.7.4 versions...
EUVD-2026-39690
Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...
EUVD-2026-39691
Unauthenticated Privilege Escalation in Easy Elements for Elementor Addons & Website Templates = 1.4.9 versions...
EUVD-2026-39688
Unauthenticated Broken Access Control in Paymob for WooCommerce = 4.1.2 versions...
EUVD-2026-39689
Subscriber Server Side Request Forgery SSRF in utm.codes = 1.9.0 versions...
EUVD-2026-39687
Unauthenticated Cross Site Scripting XSS in MapPress Maps for WordPress = 2.97.3 versions...
EUVD-2026-39686
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce = 10.4.0 versions...
EUVD-2026-39685
Contributor Privilege Escalation in Fusion Builder = 3.15.4 versions...
EUVD-2026-39684
Unauthenticated Broken Access Control in Stylish Cost Calculator = 8.3.9 versions...
EUVD-2026-39683
Unauthenticated Broken Access Control in Syncee Premium Dropshipping & Wholesale = 1.0.27 versions...
EUVD-2026-39682
Unauthenticated Broken Access Control in Newsletters = 4.13 versions...
EUVD-2026-39681
Unauthenticated Sensitive Data Exposure in Trinity Backup Backup, Migrate, Restore, Clone & Schedule Backups = 2.0.9 versions...
EUVD-2026-39679
Unauthenticated Broken Access Control in Five Star Restaurant Menu = 2.5.2 versions...
EUVD-2026-39680
Unauthenticated Broken Access Control in Intranet & Private Site All-In-One Intranet = 1.8.1 versions...
EUVD-2026-39678
Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone = 2.3.2 versions...
EUVD-2026-39677
Unauthenticated Backdoor in Enable CORS = 2.0.3 versions...
EUVD-2026-39676
Unauthenticated Broken Access Control in Gutenverse Companion = 2.5.0 versions...
EUVD-2026-39675
Unauthenticated SQL Injection in GeoDirectory = 2.8.162 versions...
EUVD-2026-39674
Unauthenticated SQL Injection in Real Estate 7 = 3.5.9 versions...
EUVD-2026-39673
Subscriber Insecure Direct Object References IDOR in SupportCandy = 3.4.6 versions...
EUVD-2026-39672
Unauthenticated SQL Injection in wpDataTables = 7.4 versions...
EUVD-2026-39784
Unauthenticated Sensitive Data Exposure in Ads by WPQuads = 3.0.3 versions...
EUVD-2026-39780
The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through non-anonymous MEXTPG pages or...
EUVD-2026-39659
In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata...
EUVD-2026-39658
In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack...
EUVD-2026-39655
In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings...
EUVD-2026-39649
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS. This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.8...
EUVD-2026-39648
By sending a deeply nested ASN1 structure to a Apache Kerby client or service, it's possible to trigger a StackOverFlow Exception which can lead to denial of service issues. Users are recommended to upgrade to version 2.1.2, which fixes this issue...