364191 matches found
CVE-2026-39530
Unauthenticated SQL Injection in SpeakOut! Email Petitions = 4.6.5 versions...
CVE-2026-39524
Unauthenticated Broken Access Control in Masteriyo - LMS = 2.1.5 versions...
CVE-2026-39514
Unauthenticated Cross Site Scripting XSS in Paid Member Subscriptions = 2.17.3 versions...
CVE-2026-39515
Subscriber Broken Access Control in Motors 1.4.107 versions...
CVE-2026-39525
Unauthenticated Broken Access Control in Booking Activities = 1.16.48.1 versions...
CVE-2026-39527
Subscriber Arbitrary File Upload in WpStream 4.11.2 versions...
CVE-2026-39519
Unauthenticated SQL Injection in GeekyBot = 1.2.0 versions...
CVE-2026-39518
Subscriber Insecure Direct Object References IDOR in EventPrime = 4.3.0.0 versions...
CVE-2026-39503
Unauthenticated Broken Access Control in Easy Digital Downloads = 3.6.5 versions...
CVE-2026-39502
Unauthenticated SQL Injection in Form Maker by 10Web = 1.15.38 versions...
CVE-2026-39498
Shop manager PHP Object Injection in YayMail = 4.3.3 versions...
CVE-2026-39511
Unauthenticated SQL Injection in WP Photo Album Plus = 9.1.08.001 versions...
CVE-2026-39512
Unauthenticated SQL Injection in GeoDirectory = 2.8.152 versions...
CVE-2026-39499
Shop manager PHP Object Injection in Advanced Product Fields Product Addons for WooCommerce = 1.6.19 versions...
CVE-2026-39507
Unauthenticated Cross Site Scripting XSS in Social Slider Feed = 2.3.2 versions...
CVE-2026-39513
Unauthenticated Broken Access Control in Easy Appointments = 3.12.21 versions...
CVE-2026-39492
Unauthenticated SQL Injection in WP Maps = 4.9.1 versions...
CVE-2026-39489
Author Arbitrary File Download in Download Monitor = 5.1.9 versions...
CVE-2026-39474
Contributor PHP Object Injection in Post Duplicator = 3.0.10 versions...
CVE-2026-39478
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...
CVE-2026-39480
Unauthenticated Sensitive Data Exposure in Backup Migration = 2.1.1 versions...
CVE-2026-39481
Author PHP Object Injection in Modula Image Gallery = 2.14.18 versions...
CVE-2026-39493
Unauthenticated SQL Injection in Simply Schedule Appointments = 1.6.9.27 versions...
CVE-2026-39491
Subscriber Cross Site Scripting XSS in JupiterX Core = 4.14.1 versions...
CVE-2026-39468
Contributor Arbitrary File Deletion in Meta Box – WordPress Custom Fields Framework = 5.11.1 versions...
CVE-2026-39451
Unauthenticated Cross Site Scripting XSS in WP Google Review Slider = 18.0 versions...
CVE-2026-39470
Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery 2.1.0 versions...
CVE-2026-39463
Unauthenticated Cross Site Scripting XSS in ManageWP Worker = 4.9.31 versions...
CVE-2026-39450
Subscriber Broken Authentication in FunnelKit Automations = 3.7.3 versions...
CVE-2026-39449
Unauthenticated Cross Site Scripting XSS in Contact Form to Any API = 3.0.3 versions...
CVE-2026-39465
Editor Remote Code Execution RCE in Responsive Slider by MetaSlider = 3.106.0 versions...
CVE-2026-39472
Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips 5.9.0 versions...
CVE-2026-39471
Author PHP Object Injection in ShortPixel Image Optimizer = 6.4.3 versions...
CVE-2026-39447
Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.10.6 versions...
CVE-2026-39434
Shop manager PHP Object Injection in CTX Feed = 6.6.26 versions...
CVE-2026-34902
Unauthenticated Cross Site Scripting XSS in WooCommerce Product Table Lite = 4.6.3 versions...
CVE-2026-34900
Unauthenticated Cross Site Scripting XSS in GiveWP = 4.14.2 versions...
CVE-2026-39441
Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free = 5.3 versions...
CVE-2026-39435
Unauthenticated Cross Site Scripting XSS in CformsII = 15.1.3 versions...
CVE-2026-34901
Unauthenticated Privilege Escalation in iControlWP = 5.5.3 versions...
CVE-2026-34891
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...
CVE-2026-34886
Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...
CVE-2026-34892
Subscriber Broken Access Control in Rank Math SEO = 1.0.271 versions...
CVE-2026-27407
Editor Privilege Escalation in AI Engine = 3.4.9 versions...
CVE-2026-34898
Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce = 1.5.3 versions...
CVE-2026-24637
Contributor SQL Injection in PowerPress Podcasting = 11.15.10 versions...
CVE-2026-23970
Unauthenticated Cross Site Scripting XSS in Redirection for Contact Form 7 = 3.2.8 versions...
CVE-2026-25440
Unauthenticated Broken Access Control in Essential Addons for Elementor 6.6.0 versions...
CVE-2026-25425
Unauthenticated Broken Access Control in User Registration = 5.1.2 versions...
CVE-2026-27089
Unauthenticated Bypass Vulnerability in WpTravelly = 2.1.7 versions...