Lucene search
K

363761 matches found

NVD
NVD
•added 2026/06/26 3:16 p.m.•8 views

CVE-2026-57638

Contributor Cross Site Scripting XSS in Fluent Booking = 2.1.0 versions...

6.5CVSS0.00161EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-57640

Subscriber Broken Access Control in MasterStudy LMS = 3.7.30 versions...

4.3CVSS0.00243EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-57637

Unauthenticated Cross Site Request Forgery CSRF in Abandoned Cart Lite for WooCommerce = 6.8.0 versions...

4.3CVSS0.00107EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-57635

Unauthenticated Cross Site Request Forgery CSRF in FunnelKit Payment Gateway for Stripe WooCommerce = 1.14.0.3 versions...

6.5CVSS0.00123EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57642

Contributor SQL Injection in Gallery = 4.7.8 versions...

8.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•8 views

CVE-2026-57631

Administrator SQL Injection in Popup box = 6.0.1 versions...

7.6CVSS0.00279EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-57632

Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend = 1.19.0 versions...

5.4CVSS0.00275EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•8 views

CVE-2026-57630

Unauthenticated Insecure Direct Object References IDOR in Blocksy Companion Pro = 2.1.46 versions...

5.3CVSS0.00228EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-57633

Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...

5.3CVSS0.0024EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•8 views

CVE-2026-57628

Administrator SQL Injection in WP All Import = 4.0.1 versions...

7.6CVSS0.00279EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57627

Subscriber Server Side Request Forgery SSRF in Kirki = 6.0.11 versions...

4.9CVSS0.0018EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57634

Contributor Insecure Direct Object References IDOR in PPWP = 1.9.19 versions...

4.3CVSS0.00185EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57629

Contributor Cross Site Scripting XSS in StatCounter = 2.1.1 versions...

6.5CVSS0.00161EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-57617

Contributor Cross Site Scripting XSS in SeedProd Pro 6.19.5 versions...

6.5CVSS0.00161EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-57622

Subscriber Broken Access Control in WPCafe = 3.0.14 versions...

4.3CVSS0.00259EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-57618

Contributor Cross Site Scripting XSS in Neve PRO = 3.1.2 versions...

6.5CVSS0.00161EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-57430

Contributor Broken Access Control in SEOPress PRO = 9.1.1 versions...

4.3CVSS0.00185EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-57325

Unauthenticated Cross Site Scripting XSS in NanoMag = 1.8 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-57527

Zed Attack Proxy ZAP ViewState add-on before version 4 contains an insecure deserialization vulnerability that allows attackers who control a proxied web server to achieve arbitrary code execution by embedding a malicious serialized Java object in the javax.faces.ViewState HTTP response parameter...

8.8CVSS0.00463EPSS
Exploits0References5
NVD
NVD
•added 2026/06/26 3:16 p.m.•9 views

CVE-2026-57324

Unauthenticated Broken Access Control in GIFT4U = 1.0.10 versions...

6.5CVSS0.00242EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-57431

Author Cross Site Scripting XSS in Featured Image = 2.1 versions...

6.5CVSS0.00161EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57319

Unauthenticated Cross Site Scripting XSS in FOX = 1.4.8 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57316

Subscriber Sensitive Data Exposure in GetGenie = 4.4.2 versions...

6.5CVSS0.00355EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57322

Unauthenticated Cross Site Scripting XSS in weMail = 2.1.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57323

Unauthenticated Broken Access Control in Flash & HTML5 Video = 2.11.0 versions...

5.8CVSS0.00228EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57317

Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.12.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-57315

Contributor Remote Code Execution RCE in Blocksy Companion Pro = 2.1.45 versions...

8.5CVSS0.00351EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57318

Subscriber Sensitive Data Exposure in Site Reviews = 8.0.11 versions...

6.5CVSS0.00355EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57321

Contributor Arbitrary File Deletion in H5P = 1.17.7 versions...

7.1CVSS0.00294EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57314

Unauthenticated Cross Site Scripting XSS in SureCart = 4.3.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-57313

Subscriber Cross Site Scripting XSS in SureCart = 4.2.2 versions...

6.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56072

Unauthenticated Cross Site Scripting XSS in WoodMart = 8.5.3 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-57312

Unauthenticated Cross Site Scripting XSS in Everest Forms = 3.4.8 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56773

Teable's v2 REST API controller lacks @Permissions metadata on ORPC endpoints, allowing any authenticated user to bypass authorization checks. Attackers can read table schemas, create tables, and modify or delete records across bases and tables via endpoints like GET /api/v2/tables/get and POST...

8.8CVSS0.00371EPSS
Exploits0References3
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56069

Unauthenticated Insecure Direct Object References IDOR in Toolset Forms = 2.6.24 versions...

7.5CVSS0.003EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56070

Unauthenticated SQL Injection in Advance Product Search = 1.4.4 versions...

9.3CVSS0.00236EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56067

Unauthenticated SQL Injection in JetSmartFilters = 3.8.3 versions...

9.3CVSS0.00236EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•9 views

CVE-2026-56068

Unauthenticated SQL Injection in JetEngine = 3.8.10.2 versions...

9.3CVSS0.00236EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56057

Subscriber PHP Object Injection in Uncanny Automator Pro = 7.3.0.6 versions...

9.8CVSS0.00426EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56060

Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...

7.5CVSS0.00303EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-56066

Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...

5.8CVSS0.00346EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56058

Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...

9.9CVSS0.00362EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•9 views

CVE-2026-56059

Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...

9.9CVSS0.00362EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56062

Unauthenticated SQL Injection in Quotes llama = 3.1.5 versions...

9.3CVSS0.00236EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-56064

Subscriber SQL Injection in Tourfic = 2.22.5 versions...

8.5CVSS0.00278EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56063

Unauthenticated Broken Access Control in MailChimp Block = 1.1.15 versions...

8.3CVSS0.00178EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-56061

Unauthenticated Broken Access Control in Subscriptions for WooCommerce = 1.9.5 versions...

7.5CVSS0.00246EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•7 views

CVE-2026-56043

Unauthenticated Cross Site Scripting XSS in Customer Reviews for WooCommerce = 5.110.1 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•6 views

CVE-2026-56046

Subscriber Cross Site Scripting XSS in ListingPro = 2.9.11 versions...

6.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
•added 2026/06/26 3:16 p.m.•5 views

CVE-2026-56045

Unauthenticated Cross Site Scripting XSS in Automatic 3.135.1 versions...

7.1CVSS0.0018EPSS
Exploits0References1
Total number of security vulnerabilities363761