364165 matches found
CVE-2026-45437
Unauthenticated Cross Site Scripting XSS in Product Filter Widget for Elementor = 1.0.6 versions...
CVE-2026-45439
Unauthenticated SQL Injection in Realtyna Organic IDX plugin = 5.1.0 versions...
CVE-2026-42775
Unauthenticated Cross Site Scripting XSS in AutomatorWP = 5.7.2 versions...
CVE-2026-42743
Unauthenticated Broken Authentication in Masteriyo - LMS = 2.1.8 versions...
CVE-2026-42752
Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...
CVE-2026-42664
Unauthenticated Broken Access Control in AI Product Search for WooCommerce Motive Commerce Search = 1.38.2 versions...
CVE-2026-42666
Unauthenticated Broken Access Control in Salon booking system = 10.30.25 versions...
CVE-2026-42688
Subscriber Cross Site Scripting XSS in Modula Image Gallery = 2.14.23 versions...
CVE-2026-42663
Unauthenticated Cross Site Scripting XSS in Simple Membership = 4.7.2 versions...
CVE-2026-42668
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend = 1.18.0 versions...
CVE-2026-42667
Unauthenticated Sensitive Data Exposure in Bookly = 27.4 versions...
CVE-2026-42687
Unauthenticated PHP Object Injection in EventPrime = 4.3.2.1 versions...
CVE-2026-42665
Unauthenticated SQL Injection in WP Data Access = 5.5.70 versions...
CVE-2026-42686
Subscriber Cross Site Scripting XSS in EventPrime = 4.3.2.1 versions...
CVE-2026-42662
Unauthenticated Bypass Vulnerability in Event Tickets = 5.27.5 versions...
CVE-2026-42661
Custom role Path Traversal in WP Customer Area = 8.3.4 versions...
CVE-2026-42659
Subscriber Broken Access Control in Advanced Form Integration = 1.126.12 versions...
CVE-2026-42656
Subscriber Cross Site Scripting XSS in Contest Gallery = 28.1.6 versions...
CVE-2026-42658
Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...
CVE-2026-42657
Unauthenticated Other Vulnerability Type in Contest Gallery = 28.1.7 versions...
CVE-2026-42655
Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...
CVE-2026-42660
Subscriber Sensitive Data Exposure in Contest Gallery = 28.1.7 versions...
CVE-2026-42384
Unauthenticated Sensitive Data Exposure in Simply Schedule Appointments 1.6.11.2 versions...
CVE-2026-42386
Unauthenticated SQL Injection in Order Delivery Date for WooCommerce = 4.5.1 versions...
CVE-2026-42649
Unauthenticated Cross Site Scripting XSS in Favicon Rotator = 1.2.11 versions...
CVE-2026-42650
Unauthenticated Cross Site Scripting XSS in AutomatorWP = 5.6.7 versions...
CVE-2026-42651
Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...
CVE-2026-42640
Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...
CVE-2026-42639
Unauthenticated SQL Injection in GD Rating System = 3.6.2 versions...
CVE-2026-42411
Unauthenticated Broken Authentication in CloudSecure WP Security = 1.4.7 versions...
CVE-2026-42378
Subscriber Broken Authentication in WP Full Stripe Free = 8.4.1 versions...
CVE-2026-42381
Unauthenticated SQL Injection in Funnel Builder by FunnelKit = 3.15.0.1 versions...
CVE-2026-41556
Subscriber Cross Site Scripting XSS in ProfilePress = 4.16.13 versions...
CVE-2026-40796
Subscriber Sensitive Data Exposure in WPPizza = 3.19.9 versions...
CVE-2026-40798
Unauthenticated SQL Injection in wpForo Forum = 3.0.4 versions...
CVE-2026-40799
Unauthenticated Broken Authentication in Simple Cloudflare Turnstile = 1.38.0 versions...
CVE-2026-40789
Unauthenticated Sensitive Data Exposure in Amelia = 2.2 versions...
CVE-2026-40795
Subscriber Broken Access Control in Amelia = 2.2 versions...
CVE-2026-40788
Subscriber Broken Access Control in ChatBot = 7.9.7 versions...
CVE-2026-40791
Unauthenticated Cross Site Scripting XSS in WP Time Slots Booking Form = 1.2.46 versions...
CVE-2026-40793
Subscriber Broken Access Control in Groundhogg 4.4.1 versions...
CVE-2026-40794
Subscriber Broken Access Control in myCred = 3.0.3 versions...
CVE-2026-40792
Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...
CVE-2026-40790
Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...
CVE-2026-40775
Unauthenticated Broken Access Control in Royal MCP = 1.4.2 versions...
CVE-2026-40779
Contributor Arbitrary File Deletion in Link Library = 7.8.8 versions...
CVE-2026-40782
Unauthenticated Broken Access Control in WPAdverts = 2.3.0 versions...
CVE-2026-40774
Unauthenticated Broken Access Control in Booking Package = 1.7.06 versions...
CVE-2026-40781
Unauthenticated Broken Authentication in ReviewX = 2.3.6 versions...
CVE-2026-40785
Subscriber Broken Authentication in AutomatorWP = 5.6.7 versions...