Lucene search
+L
VulnrichmentRecent

163587 matches found

vulnrichment
vulnrichment
added 2026/06/15 8:18 p.m.6 views

CVE-2026-39532 WordPress Events Calendar for GeoDirectory plugin <= 2.3.25 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Events Calendar for GeoDirectory = 2.3.25 versions...

8.8CVSS5.3AI score0.00344EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:18 p.m.8 views

CVE-2026-39530 WordPress SpeakOut! Email Petitions plugin <= 4.6.5 - SQL Injection vulnerability

Unauthenticated SQL Injection in SpeakOut! Email Petitions = 4.6.5 versions...

9.3CVSS5.7AI score0.00296EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:18 p.m.7 views

CVE-2026-39527 WordPress WpStream plugin < 4.11.2 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in WpStream 4.11.2 versions...

5.4CVSS5.2AI score0.00291EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:18 p.m.7 views

CVE-2026-39525 WordPress Booking Activities plugin <= 1.16.48.1 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Booking Activities = 1.16.48.1 versions...

6.5CVSS5.2AI score0.00242EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:18 p.m.6 views

CVE-2026-39524 WordPress Masteriyo - LMS plugin <= 2.1.5 - Payment Bypass vulnerability

Unauthenticated Broken Access Control in Masteriyo - LMS = 2.1.5 versions...

7.5CVSS5.1AI score0.00246EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:18 p.m.7 views

CVE-2026-39519 WordPress GeekyBot plugin <= 1.2.0 - SQL Injection vulnerability

Unauthenticated SQL Injection in GeekyBot = 1.2.0 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:18 p.m.9 views

CVE-2026-39518 WordPress EventPrime plugin <= 4.3.0.0 - Insecure Direct Object References (IDOR) vulnerability

Subscriber Insecure Direct Object References IDOR in EventPrime = 4.3.0.0 versions...

7.1CVSS5.2AI score0.00278EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:18 p.m.6 views

CVE-2026-39515 WordPress Motors plugin < 1.4.107 - Broken Access Control vulnerability

Subscriber Broken Access Control in Motors 1.4.107 versions...

6.5CVSS5.1AI score0.00352EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.9 views

CVE-2026-39514 WordPress Paid Member Subscriptions plugin <= 2.17.3 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Paid Member Subscriptions = 2.17.3 versions...

7.1CVSS5.2AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.8 views

CVE-2026-39513 WordPress Easy Appointments plugin <= 3.12.21 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Easy Appointments = 3.12.21 versions...

7.5CVSS5.2AI score0.00287EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.7 views

CVE-2026-39512 WordPress GeoDirectory plugin <= 2.8.152 - SQL Injection vulnerability

Unauthenticated SQL Injection in GeoDirectory = 2.8.152 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.14 views

CVE-2026-39511 WordPress WP Photo Album Plus plugin <= 9.1.08.001 - SQL Injection vulnerability

Unauthenticated SQL Injection in WP Photo Album Plus = 9.1.08.001 versions...

9.3CVSS5.7AI score0.00295EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.6 views

CVE-2026-39507 WordPress Social Slider Feed plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Social Slider Feed = 2.3.2 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.10 views

CVE-2026-39503 WordPress Easy Digital Downloads plugin <= 3.6.5 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Easy Digital Downloads = 3.6.5 versions...

7.5CVSS5.1AI score0.00246EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.7 views

CVE-2026-39502 WordPress Form Maker by 10Web plugin <= 1.15.38 - SQL Injection vulnerability

Unauthenticated SQL Injection in Form Maker by 10Web = 1.15.38 versions...

9.3CVSS5.8AI score0.00283EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.8 views

CVE-2026-39498 WordPress YayMail plugin <= 4.3.3 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in YayMail = 4.3.3 versions...

7.2CVSS5.3AI score0.00359EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.13 views

CVE-2026-39499 WordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.19 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in Advanced Product Fields Product Addons for WooCommerce = 1.6.19 versions...

7.2CVSS5.4AI score0.00446EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.8 views

CVE-2026-39493 WordPress Simply Schedule Appointments plugin <= 1.6.9.27 - SQL Injection vulnerability

Unauthenticated SQL Injection in Simply Schedule Appointments = 1.6.9.27 versions...

9.3CVSS5.7AI score0.00363EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.10 views

CVE-2026-39492 WordPress WP Maps plugin <= 4.9.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in WP Maps = 4.9.1 versions...

9.3CVSS5.7AI score0.00363EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.10 views

CVE-2026-39491 WordPress JupiterX Core plugin <= 4.14.1 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in JupiterX Core = 4.14.1 versions...

6.5CVSS5.1AI score0.00229EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.10 views

CVE-2026-39489 WordPress Download Monitor plugin <= 5.1.9 - Non-Arbitrary File Download vulnerability

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS5.2AI score0.00337EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.9 views

CVE-2026-39481 WordPress Modula Image Gallery plugin <= 2.14.18 - PHP Object Injection vulnerability

Author PHP Object Injection in Modula Image Gallery = 2.14.18 versions...

7.2CVSS5.3AI score0.00446EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.8 views

CVE-2026-39480 WordPress Backup Migration plugin <= 2.1.1 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Backup Migration = 2.1.1 versions...

7.5CVSS5.2AI score0.00376EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.7 views

CVE-2026-39474 WordPress Post Duplicator plugin <= 3.0.10 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Post Duplicator = 3.0.10 versions...

8.8CVSS5.3AI score0.00428EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.7 views

CVE-2026-39478 WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.23.87 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...

8.8CVSS5.3AI score0.00428EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.6 views

CVE-2026-39472 WordPress WooCommerce PDF Invoices & Packing Slips plugin < 5.9.0 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips 5.9.0 versions...

7.2CVSS5.3AI score0.00446EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.7 views

CVE-2026-39471 WordPress ShortPixel Image Optimizer plugin <= 6.4.3 - PHP Object Injection vulnerability

Author PHP Object Injection in ShortPixel Image Optimizer = 6.4.3 versions...

7.2CVSS5.4AI score0.00446EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.8 views

CVE-2026-39470 WordPress WooCommerce Cart Abandonment Recovery plugin < 2.1.0 - Privilege Escalation vulnerability

Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery 2.1.0 versions...

7.2CVSS5.2AI score0.00382EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.11 views

CVE-2026-39468 WordPress Meta Box – WordPress Custom Fields Framework plugin <= 5.11.1 - Arbitrary File Deletion vulnerability

Contributor Arbitrary File Deletion in Meta Box – WordPress Custom Fields Framework = 5.11.1 versions...

6.8CVSS5.2AI score0.00355EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.6 views

CVE-2026-39465 WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - Remote Code Execution (RCE) vulnerability

Editor Remote Code Execution RCE in Responsive Slider by MetaSlider = 3.106.0 versions...

9.1CVSS5.5AI score0.0068EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.7 views

CVE-2026-39463 WordPress ManageWP Worker plugin <= 4.9.31 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in ManageWP Worker = 4.9.31 versions...

7.1CVSS5.1AI score0.0023EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.7 views

CVE-2026-39451 WordPress WP Google Review Slider plugin <= 18.0 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WP Google Review Slider = 18.0 versions...

6.3CVSS5.1AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.8 views

CVE-2026-39450 WordPress FunnelKit Automations plugin <= 3.7.3 - Broken Authentication vulnerability

Subscriber Broken Authentication in FunnelKit Automations = 3.7.3 versions...

7.1CVSS5.2AI score0.00385EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.7 views

CVE-2026-39449 WordPress Contact Form to Any API plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Contact Form to Any API = 3.0.3 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.11 views

CVE-2026-39447 WordPress Simply Schedule Appointments plugin <= 1.6.10.6 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.10.6 versions...

7.1CVSS5.1AI score0.00237EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.6 views

CVE-2026-39435 WordPress CformsII plugin <= 15.1.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in CformsII = 15.1.3 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.11 views

CVE-2026-39441 WordPress Feed KuantoKusta for WooCommerce – Free plugin <= 5.3 - SQL Injection vulnerability

Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free = 5.3 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.6 views

CVE-2026-39434 WordPress CTX Feed plugin <= 6.6.26 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in CTX Feed = 6.6.26 versions...

7.2CVSS5.3AI score0.00446EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.10 views

CVE-2026-34902 WordPress WooCommerce Product Table Lite plugin <= 4.6.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WooCommerce Product Table Lite = 4.6.3 versions...

7.1CVSS5.2AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.6 views

CVE-2026-34901 WordPress iControlWP plugin <= 5.5.3 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in iControlWP = 5.5.3 versions...

9.8CVSS5.2AI score0.00321EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.10 views

CVE-2026-34900 WordPress GiveWP plugin <= 4.14.2 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in GiveWP = 4.14.2 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.8 views

CVE-2026-34898 WordPress Event Tickets Manager for WooCommerce plugin <= 1.5.3 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce = 1.5.3 versions...

7.5CVSS5.1AI score0.00246EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.21 views

CVE-2026-34892 WordPress Rank Math SEO plugin <= 1.0.271 - Broken Access Control vulnerability

Subscriber Broken Access Control in Rank Math SEO = 1.0.271 versions...

6.5CVSS5.1AI score0.00271EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.8 views

CVE-2026-34891 WordPress IDPay Payment Gateway for Woocommerce plugin <= 2.2.5 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...

7.5CVSS5.2AI score0.00303EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.9 views

CVE-2026-34886 WordPress Simple Membership plugin <= 4.7.1 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...

7.5CVSS5.2AI score0.00251EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.12 views

CVE-2026-27407 WordPress AI Engine plugin <= 3.4.9 - Privilege Escalation vulnerability

Editor Privilege Escalation in AI Engine = 3.4.9 versions...

7.2CVSS5.2AI score0.00393EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.9 views

CVE-2026-27333 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Deserialization of untrusted data vulnerability

Unauthenticated Deserialization of untrusted data in Paid Videochat Turnkey Site = 7.3.23 versions...

8.1CVSS5.2AI score0.00317EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.9 views

CVE-2026-27089 WordPress WpTravelly plugin <= 2.1.7 - Bypass Vulnerability vulnerability

Unauthenticated Bypass Vulnerability in WpTravelly = 2.1.7 versions...

7.5CVSS5.2AI score0.00267EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.7 views

CVE-2026-27053 WordPress Broadcast Live Video plugin < 7.1.3 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Broadcast Live Video 7.1.3 versions...

9.8CVSS5.3AI score0.00386EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/15 8:17 p.m.9 views

CVE-2026-25425 WordPress User Registration plugin <= 5.1.2 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in User Registration = 5.1.2 versions...

7.5CVSS5.2AI score0.00372EPSS
Exploits0References1
Total number of security vulnerabilities163587