Lucene search
K

363661 matches found

NVD
NVD
added 2026/06/27 8:16 a.m.10 views

CVE-2026-11597

The Surbma | Infusionsoft Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'infusionsoft-form' shortcode in versions up to, and including, 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied 'account' and 'id' shortcode...

6.4CVSS0.00193EPSS
Exploits0References5
NVD
NVD
added 2026/06/27 8:16 a.m.10 views

CVE-2026-11364

The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check and missing nonce verification in the invoke methods of the...

4.3CVSS0.00213EPSS
Exploits0References8
NVD
NVD
added 2026/06/27 6:16 a.m.11 views

CVE-2026-9677

The Shariff for WordPress Shariff for WordPress plugin through 1.0.11 does not sanitize or escape the shariffinfourl setting before outputting it in the frontend HTML via the generateshariff function, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...

4.8CVSS0.00142EPSS
Exploits0References1
NVD
NVD
added 2026/06/27 6:16 a.m.10 views

CVE-2026-12404

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 9.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS0.00281EPSS
Exploits0References8
NVD
NVD
added 2026/06/27 6:16 a.m.8 views

CVE-2026-13245

The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to, and including, 9.8.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00211EPSS
Exploits0References4
NVD
NVD
added 2026/06/27 6:16 a.m.10 views

CVE-2026-10820

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.16.17 does not verify that the user performing a subscription action owns the targeted subscription, allowing any authenticated user Subscriber+ to cancel other...

8.1CVSS0.00222EPSS
Exploits0References1
NVD
NVD
added 2026/06/27 5:16 a.m.9 views

CVE-2026-12415

The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravelinvoiceeditaccount AJAX action in versions up to, and including, 1.0.0. The handler is exposed via wpajaxnoprivpravelinvoiceeditaccount, accepts an attacker-controlled...

9.8CVSS0.00662EPSS
Exploits0References4
NVD
NVD
added 2026/06/27 2:16 a.m.9 views

CVE-2026-13422

The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce validation on the hdqvalidatenonce function. This makes it possible for unauthenticated attackers to delete or modify quizzes and questions, create ne...

4.3CVSS0.00179EPSS
Exploits0References16
NVD
NVD
added 2026/06/27 2:16 a.m.10 views

CVE-2026-13335

The CodePeople Post Map for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'cpmpoint' Post Meta in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.0021EPSS
Exploits0References8
NVD
NVD
added 2026/06/27 2:16 a.m.11 views

CVE-2026-13331

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'search' parameter in all versions up to, and including, 4.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS0.0028EPSS
Exploits0References7
NVD
NVD
added 2026/06/27 2:16 a.m.11 views

CVE-2026-11356

The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menutitle' and 'menumagnifiercolor' Settings in all versions up to, and including, 5.5.15 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS0.00251EPSS
Exploits0References10
NVD
NVD
added 2026/06/27 2:16 a.m.12 views

CVE-2026-13333

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via 'queryselect' Parameter in all versions up to, and including, 4.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS0.00344EPSS
Exploits0References6
NVD
NVD
added 2026/06/27 2:16 a.m.9 views

CVE-2025-59868

HCL Traveler for Microsoft Outlook HTMO is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application...

5.5CVSS0.00108EPSS
Exploits0References1
NVD
NVD
added 2026/06/27 2:16 a.m.9 views

CVE-2023-37524

HCL Traveler for Microsoft Outlook HTMO is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerabl...

7.8CVSS0.00108EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 11:17 p.m.13 views

CVE-2026-56414

A vulnerability exists in H.View IP cameras certificate-related upload interfaces allow authenticated users to store arbitrary file content to fixed, persistent filesystem locations without validating file type, structure, or size. This design omission enables the placement of unexpected or...

8.6CVSS0.004EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 11:17 p.m.18 views

CVE-2026-55975

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command...

8.6CVSS0.00653EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 11:17 p.m.14 views

CVE-2026-31928

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.8CVSS0.0045EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 11:17 p.m.12 views

CVE-2026-28701

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS0.00839EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 11:17 p.m.14 views

CVE-2026-33560

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.8CVSS0.00341EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 10:16 p.m.10 views

CVE-2026-55069

Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the PostgreSQL database can exploit SHA-512's high computatio...

8.7CVSS0.00158EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 10:16 p.m.15 views

CVE-2026-49984

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS0.00386EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 10:16 p.m.11 views

CVE-2026-53576

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API @Filter"/api/v1/" treats any request whose path ends in /configs as the public instance-config endpoint and forwards it without a credential check. kestra addresse...

10CVSS0.00472EPSS
Exploits2References1
NVD
NVD
added 2026/06/26 10:16 p.m.14 views

CVE-2026-53577

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the previewFileFromExecution endpoint GET /api/v1/tenant/executions/executionId/file/preview contains an access control bypass that allows any authenticated user to read output files from any other executio...

6.5CVSS0.00263EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 10:16 p.m.13 views

CVE-2026-49869

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in Kestra OSS uses request.getPath.endsWith"/configs" to whitelist the public configuration endpoint from Basic Auth. Because the check is a suffix match rather than an exact path match...

10CVSS0.00684EPSS
Exploits2References1
NVD
NVD
added 2026/06/26 10:16 p.m.10 views

CVE-2026-50765

A stored cross-site scripting XSS vulnerability in the patron restriction type administration page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label...

6.1CVSS0.0022EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 10:16 p.m.11 views

CVE-2026-50766

A stored cross-site scripting XSS vulnerability in the OPAC item detail page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with edititems permission to inject arbitrary web scripts via the item public notes field items.itemnotes...

5.4CVSS0.00196EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 10:16 p.m.9 views

CVE-2026-50767

A stored cross-site scripting XSS vulnerability in the item type administration page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the item type check-in message field checkinmsg...

5.4CVSS0.00196EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 10:16 p.m.12 views

CVE-2026-36908

A stack overflow in the AP4Array::EnsureCapacity component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS0.00142EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 10:16 p.m.9 views

CVE-2026-38571

Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...

4.6CVSS0.00113EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 10:16 p.m.9 views

CVE-2026-36907

A stack overflow in the AP4StsdAtom::AP4StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS0.00125EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 10:16 p.m.11 views

CVE-2026-45807

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard onl...

7.7CVSS0.00386EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 10:16 p.m.12 views

CVE-2026-36478

An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components...

7.5CVSS0.00386EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 9:16 p.m.12 views

CVE-2026-54350

Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenticated visitor of any published Budibase app reads every document of the backing MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body collection and, where the builder has published a PUBLIC write...

10CVSS0.00538EPSS
Exploits2References1
NVD
NVD
added 2026/06/26 9:16 p.m.12 views

CVE-2026-54351

Budibase is an open-source low-code platform. Prior to 3.39.9, the webhook trigger endpoint in Budibase is publicly accessible and passes the full HTTP request body into automation execution parameters. A mass assignment vulnerability in externalTrigger allows an attacker to overwrite the interna...

9.6CVSS0.00461EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 9:16 p.m.10 views

CVE-2026-54353

Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with automation permissions can bypass Budibase's SSRF blacklist through DNS rebinding. The outbound fetch flow validates a hostname against the blacklist before the request is sent, but the actual socket connectio...

8.5CVSS0.00202EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 9:16 p.m.12 views

CVE-2026-54352

Budibase is an open-source low-code platform. Prior to 3.39.9, POST /api/pwa/process-zip at packages/server/src/api/routes/static.ts:24 accepts a builder-uploaded .zip, extracts it with [email protected] into a temp directory, then for each entry listed in icons.json validates the icon path, open...

9.6CVSS0.00494EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 9:16 p.m.9 views

CVE-2026-48770

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows session can send a malformed WMCOPYDATA message to Notepad++ using the COPYDATAFULLCMDLINE path. The handler appears to process COPYDATASTRUCT.lpData as an unbounded...

5CVSS0.00258EPSS
Exploits2References2
NVD
NVD
added 2026/06/26 9:16 p.m.8 views

CVE-2026-48800

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag text content inside in shortcuts.xml is read by NppXml::valueaNode Parameters.cpp:3658 in the feedUserCmds function and stored in UserCommand.cmd without any validation. When the user clicks the corresponding entry ...

7.8CVSS0.0036EPSS
Exploits3References2
NVD
NVD
added 2026/06/26 9:16 p.m.8 views

CVE-2026-52884

Notepad++ is a free and open-source source code editor. In v8.9.6.1, isInTrustedDirectory does NOT canonicalize the path before checking. It uses a prefix-based check PathIsPrefix or equivalent that matches paths starting with trusted directory strings. A path traversal using ....\ after a truste...

7.8CVSS0.00155EPSS
Exploits1References2
NVD
NVD
added 2026/06/26 9:16 p.m.11 views

CVE-2026-48778

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value Parameters.cpp:6430 and stored in nppGUI.commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDMFILEOPENCMD File → Open...

7.8CVSS0.01314EPSS
Exploits5References2
NVD
NVD
added 2026/06/26 9:16 p.m.8 views

CVE-2026-52885

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the moment a user command fires Time-of-Check. However, the command payload is taken from the in-memory userCommands vector, which is populated at application...

7.5CVSS0.00129EPSS
Exploits2References2
NVD
NVD
added 2026/06/26 9:16 p.m.10 views

CVE-2026-50137

Budibase is an open-source low-code platform. Prior to 3.39.0, an anonymous attacker who knows or can enumerate a workspace id app... and an S3-source datasource id ds... can call this endpoint with no auth and obtain a 15-minute pre-signed PUT URL minted on the victim's IAM identity. The endpoin...

9.4CVSS0.00415EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 9:16 p.m.9 views

CVE-2026-50136

Budibase is an open-source low-code platform. Prior to 3.39.3, the application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by the recaptcha middleware and does not require...

7.4CVSS0.0029EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 9:16 p.m.10 views

CVE-2026-50132

Budibase is an open-source low-code platform. Prior to 3.39.0, GET /api/chat-links/:instance/:token/handoff is a public endpoint no auth required that performs a permanent, state-changing operation: it binds an external chat identity Slack/Discord/MS Teams to an authenticated Budibase user accoun...

7.3CVSS0.00192EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 9:16 p.m.8 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

7.5CVSS0.00446EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 9:16 p.m.8 views

CVE-2026-38641

An issue in the DSO::mmapandcopy function of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via loading a crafted shared library...

7.5CVSS0.00446EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 9:16 p.m.9 views

CVE-2026-39031

Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a...

5.5CVSS0.00089EPSS
Exploits1References2
NVD
NVD
added 2026/06/26 9:16 p.m.16 views

CVE-2026-46710

Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalation vulnerability in the installer. During installation, the installer invokes powershell.exe without using an absolute path after setting the working directory to the...

7.8CVSS0.00108EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 9:16 p.m.10 views

CVE-2026-46604

The TIFF decoder can panic when decoding an invalid image with an out-of-bounds strip offset...

7.5CVSS0.00346EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 9:16 p.m.7 views

CVE-2024-23581

The HCL Traveler for Microsoft Outlook libraries are being flagged as potentially malicious software or an unrecognized application...

7.8CVSS0.00066EPSS
Exploits0References1
Total number of security vulnerabilities363661