Lucene search
+L
VulnrichmentRecent

163420 matches found

vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40791 WordPress WP Time Slots Booking Form plugin <= 1.2.46 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WP Time Slots Booking Form = 1.2.46 versions...

7.1CVSS5.1AI score0.0021EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-40790 WordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in WP SMS = 7.2.1 versions...

6.5CVSS5.2AI score0.00326EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-40789 WordPress Amelia plugin <= 2.2 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Amelia = 2.2 versions...

7.5CVSS5.2AI score0.00294EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-40788 WordPress ChatBot plugin <= 7.9.7 - Broken Access Control vulnerability

Subscriber Broken Access Control in ChatBot = 7.9.7 versions...

7.1CVSS5.1AI score0.00307EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-40787 WordPress Quiz And Survey Master plugin <= 11.0.0 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Quiz And Survey Master = 11.0.0 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40785 WordPress AutomatorWP plugin <= 5.6.7 - Broken Authentication vulnerability

Subscriber Broken Authentication in AutomatorWP = 5.6.7 versions...

7.1CVSS5.2AI score0.00385EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40782 WordPress WPAdverts plugin <= 2.3.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in WPAdverts = 2.3.0 versions...

6.5CVSS5.1AI score0.00242EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-40781 WordPress ReviewX plugin <= 2.3.6 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in ReviewX = 2.3.6 versions...

7.5CVSS5.2AI score0.00294EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-40776 WordPress Eventin plugin <= 4.1.8 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in WP Event SOlution = 4.1.8 versions...

7.5CVSS5.1AI score0.00414EPSS
Exploits2References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40779 WordPress Link Library plugin <= 7.8.8 - Arbitrary File Deletion vulnerability

Contributor Arbitrary File Deletion in Link Library = 7.8.8 versions...

7.7CVSS5.2AI score0.00327EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•6 views

CVE-2026-40774 WordPress Booking Package plugin <= 1.7.06 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Booking Package = 1.7.06 versions...

7.5CVSS5.2AI score0.00238EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40775 WordPress Royal MCP plugin <= 1.4.2 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Royal MCP = 1.4.2 versions...

7.3CVSS5.1AI score0.00219EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40773 WordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.7.9 - Broken Access Control vulnerability

Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress = 4.7.9 versions...

6.5CVSS5.1AI score0.00279EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40771 WordPress Contest Gallery plugin <= 28.1.6 - SQL Injection vulnerability

Unauthenticated SQL Injection in Contest Gallery = 28.1.6 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40772 WordPress GeekyBot plugin <= 1.2.2 - Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload in GeekyBot = 1.2.2 versions...

10CVSS5.2AI score0.00347EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-40770 WordPress Coupon Affiliates plugin <= 7.5.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Coupon Affiliates = 7.5.3 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-40767 WordPress wpForo Forum plugin < 3.0.2 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in wpForo Forum 3.0.2 versions...

7.5CVSS5.2AI score0.00287EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-40769 WordPress Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field plugin <= 1.0.6 - Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion in Contact Form Extender for Divi Save Entries, File Upload & Country Code Field = 1.0.6 versions...

8.6CVSS5.3AI score0.00442EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-40766 WordPress MasterStudy LMS plugin <= 3.7.25 - SQL Injection vulnerability

Subscriber SQL Injection in MasterStudy LMS = 3.7.25 versions...

8.5CVSS5.8AI score0.00332EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-40743 WordPress Tutor LMS plugin <= 3.9.7 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Tutor LMS = 3.9.7 versions...

6.5CVSS5.1AI score0.00252EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-40762 WordPress WPGraphQL plugin < 2.11.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in WPGraphQL 2.11.1 versions...

7.5CVSS5.7AI score0.00251EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40741 WordPress Redsys for WooCommerce Light plugin <= 7.0.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Redsys for WooCommerce Light = 7.0.0 versions...

7.5CVSS5.1AI score0.00246EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-40727 WordPress Groundhogg plugin <= 4.4 - Arbitrary File Deletion vulnerability

Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...

7.7CVSS5.2AI score0.00342EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40732 WordPress Notification for Telegram plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Notification for Telegram = 3.5 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•10 views

CVE-2026-39594 WordPress Ultra Addons for WPForms plugin <= 1.0.11 - Broken Access Control vulnerability

Subscriber Broken Access Control in Ultra Addons for WPForms = 1.0.11 versions...

6.4CVSS5.2AI score0.00287EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-39591 WordPress WP-BusinessDirectory plugin <= 4.0.0 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in WP-BusinessDirectory = 4.0.0 versions...

9.9CVSS5.2AI score0.00465EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-39587 WordPress WP BASE Booking plugin <= 5.9.0 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in WP BASE Booking = 5.9.0 versions...

8.1CVSS5.2AI score0.00283EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-39583 WordPress Datalogics Ecommerce Delivery plugin <= 2.6.62 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery = 2.6.62 versions...

9.8CVSS5.2AI score0.00357EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-39584 WordPress RepairBuddy plugin <= 4.1132 - Broken Access Control vulnerability

Subscriber Broken Access Control in RepairBuddy = 4.1132 versions...

6.5CVSS5.1AI score0.00326EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-39579 WordPress B Blocks plugin <= 2.0.31 - Privilege Escalation vulnerability

Contributor Privilege Escalation in B Blocks = 2.0.31 versions...

8.8CVSS5.2AI score0.00278EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-39534 WordPress WP Directory Kit plugin <= 1.5.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in WP Directory Kit = 1.5.0 versions...

7.5CVSS5.1AI score0.00306EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-39540 WordPress Shipment Tracker for Woocommerce plugin <= 1.5.3.2 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in Shipment Tracker for Woocommerce = 1.5.3.2 versions...

6.5CVSS5.1AI score0.00205EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•5 views

CVE-2026-39533 WordPress AWP Classifieds plugin <= 4.4.4 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in AWP Classifieds = 4.4.4 versions...

7.5CVSS5.1AI score0.00304EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•6 views

CVE-2026-39532 WordPress Events Calendar for GeoDirectory plugin <= 2.3.25 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Events Calendar for GeoDirectory = 2.3.25 versions...

8.8CVSS5.3AI score0.00344EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-39530 WordPress SpeakOut! Email Petitions plugin <= 4.6.5 - SQL Injection vulnerability

Unauthenticated SQL Injection in SpeakOut! Email Petitions = 4.6.5 versions...

9.3CVSS5.7AI score0.00296EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-39527 WordPress WpStream plugin < 4.11.2 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in WpStream 4.11.2 versions...

5.4CVSS5.2AI score0.00291EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-39525 WordPress Booking Activities plugin <= 1.16.48.1 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Booking Activities = 1.16.48.1 versions...

6.5CVSS5.2AI score0.00242EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•6 views

CVE-2026-39524 WordPress Masteriyo - LMS plugin <= 2.1.5 - Payment Bypass vulnerability

Unauthenticated Broken Access Control in Masteriyo - LMS = 2.1.5 versions...

7.5CVSS5.1AI score0.00246EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-39519 WordPress GeekyBot plugin <= 1.2.0 - SQL Injection vulnerability

Unauthenticated SQL Injection in GeekyBot = 1.2.0 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•9 views

CVE-2026-39518 WordPress EventPrime plugin <= 4.3.0.0 - Insecure Direct Object References (IDOR) vulnerability

Subscriber Insecure Direct Object References IDOR in EventPrime = 4.3.0.0 versions...

7.1CVSS5.2AI score0.00278EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:18 p.m.•6 views

CVE-2026-39515 WordPress Motors plugin < 1.4.107 - Broken Access Control vulnerability

Subscriber Broken Access Control in Motors 1.4.107 versions...

6.5CVSS5.1AI score0.00352EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:17 p.m.•9 views

CVE-2026-39514 WordPress Paid Member Subscriptions plugin <= 2.17.3 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Paid Member Subscriptions = 2.17.3 versions...

7.1CVSS5.2AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:17 p.m.•8 views

CVE-2026-39513 WordPress Easy Appointments plugin <= 3.12.21 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Easy Appointments = 3.12.21 versions...

7.5CVSS5.2AI score0.00287EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:17 p.m.•7 views

CVE-2026-39512 WordPress GeoDirectory plugin <= 2.8.152 - SQL Injection vulnerability

Unauthenticated SQL Injection in GeoDirectory = 2.8.152 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:17 p.m.•14 views

CVE-2026-39511 WordPress WP Photo Album Plus plugin <= 9.1.08.001 - SQL Injection vulnerability

Unauthenticated SQL Injection in WP Photo Album Plus = 9.1.08.001 versions...

9.3CVSS5.7AI score0.00295EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:17 p.m.•6 views

CVE-2026-39507 WordPress Social Slider Feed plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Social Slider Feed = 2.3.2 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:17 p.m.•10 views

CVE-2026-39503 WordPress Easy Digital Downloads plugin <= 3.6.5 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Easy Digital Downloads = 3.6.5 versions...

7.5CVSS5.1AI score0.00246EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:17 p.m.•7 views

CVE-2026-39502 WordPress Form Maker by 10Web plugin <= 1.15.38 - SQL Injection vulnerability

Unauthenticated SQL Injection in Form Maker by 10Web = 1.15.38 versions...

9.3CVSS5.8AI score0.00283EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:17 p.m.•8 views

CVE-2026-39498 WordPress YayMail plugin <= 4.3.3 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in YayMail = 4.3.3 versions...

7.2CVSS5.3AI score0.00359EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2026/06/15 8:17 p.m.•13 views

CVE-2026-39499 WordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.19 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in Advanced Product Fields Product Addons for WooCommerce = 1.6.19 versions...

7.2CVSS5.4AI score0.00446EPSS
Exploits0References1
Total number of security vulnerabilities163420