Lucene search
K
VulnrichmentRecent

161697 matches found

Vulnrichment
Vulnrichment
added 2026/06/26 3:39 p.m.4 views

CVE-2026-9639 Authenticated Denial of Service via Malicious Backup Tarball in LXD

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with cancreatestoragevolumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expiresat snapshot field...

6.5CVSS5.7AI score0.00389EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/26 3:27 p.m.6 views

CVE-2026-12411 Broken Access Control in Canonical LXD DevLXD API

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled...

8.4CVSS5.8AI score0.00209EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/26 3:18 p.m.5 views

CVE-2026-45195 GPU DDK - rgxfw_set_mips_fault_address(&psInit->sFaultPhysAddr) is untrusted

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses...

5.8AI score0.00106EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 3:15 p.m.9 views

CVE-2026-5757 There exists an unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine

Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence...

6.7AI score0.00551EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/26 3:14 p.m.4 views

CVE-2026-21734 GPU DDK - libusc OOB write at TreeRemove during WebGPU shader compilation

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

5.8AI score0.00118EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57667 WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability

Sales Representative SQL Injection in Groundhogg = 4.5 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.4 views

CVE-2026-57665 WordPress GravityView plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in GravityView = 3.0.0 versions...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.4 views

CVE-2026-57663 WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.8 views

CVE-2026-57664 WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder = 1.1.6 versions...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57662 WordPress Contest Gallery plugin <= 30.0.0 - SQL Injection vulnerability

Contributor SQL Injection in Contest Gallery = 30.0.0 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57660 WordPress Booking and Rental Manager plugin <= 2.7.1 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Booking and Rental Manager = 2.7.1 versions...

5.3CVSS5.8AI score0.00176EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57661 WordPress WPComplete plugin <= 2.9.5.5 - Broken Access Control vulnerability

Subscriber Broken Access Control in WPComplete = 2.9.5.5 versions...

5.4CVSS5.8AI score0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.7 views

CVE-2026-57659 WordPress Paid Memberships Pro - Add Member From Admin plugin <= 0.7.2 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Paid Memberships Pro - Add Member From Admin = 0.7.2 versions...

8.8CVSS5.8AI score0.0013EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.4 views

CVE-2026-57657 WordPress Gmail SMTP plugin <= 1.2.3.19 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Gmail SMTP = 1.2.3.19 versions...

4.3CVSS5.8AI score0.00098EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57658 WordPress TemplateSpare plugin <= 4.2.0 - Arbitrary File Upload vulnerability

Administrator Arbitrary File Upload in TemplateSpare = 4.2.0 versions...

9.1CVSS5.8AI score0.00278EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57656 WordPress Hester Core plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability

Author Cross Site Scripting XSS in Hester Core = 1.1.8 versions...

5.9CVSS5.8AI score0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57655 WordPress Child theme Wizard plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Child Theme Wizard = 1.4 versions...

8.2CVSS5.8AI score0.00112EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57654 WordPress Affiliates Manager plugin <= 2.9.49 - Broken Access Control vulnerability

Affiliate Broken Access Control in Affiliates Manager = 2.9.49 versions...

6.5CVSS5.8AI score0.00174EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57653 WordPress WP Job Portal plugin <= 2.5.2 - SQL Injection vulnerability

Contributor SQL Injection in WP Job Portal = 2.5.2 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.3 views

CVE-2026-57651 WordPress Ghost Kit plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Ghost Kit = 3.6.0 versions...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.4 views

CVE-2026-57652 WordPress JS Help Desk plugin <= 3.1.0 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in JS Help Desk = 3.1.0 versions...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57650 WordPress Magazine Blocks plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Magazine Blocks = 1.8.3 versions...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57649 WordPress Shoppable Images Lite plugin <= 1.3 - Broken Access Control vulnerability

Subscriber Broken Access Control in Shoppable Images Lite = 1.3 versions...

4.3CVSS5.8AI score0.00213EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57648 WordPress Nelio Content plugin <= 4.3.4 - Broken Access Control vulnerability

Contributor Broken Access Control in Nelio Content = 4.3.4 versions...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57646 WordPress Majestic Support plugin <= 1.1.7 - Insecure Direct Object References (IDOR) vulnerability

Subscriber Insecure Direct Object References IDOR in Majestic Support = 1.1.7 versions...

5.4CVSS5.8AI score0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.7 views

CVE-2026-57647 WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin <= 1.6.1 - Local File Inclusion vulnerability

Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.4 views

CVE-2026-57645 WordPress Newsletters plugin <= 4.13 - Broken Access Control vulnerability

newsletterssubscribers Broken Access Control in Newsletters = 4.13 versions...

8.1CVSS5.8AI score0.00189EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57643 WordPress WP Post Author plugin <= 3.9.1 - SQL Injection vulnerability

Contributor SQL Injection in WP Post Author = 3.9.1 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.9 views

CVE-2026-57644 WordPress Restaurant Menu by MotoPress plugin <= 2.4.10 - SQL Injection vulnerability

Contributor SQL Injection in Restaurant Menu by MotoPress = 2.4.10 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57642 WordPress Gallery plugin <= 4.7.8 - SQL Injection vulnerability

Contributor SQL Injection in Gallery = 4.7.8 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57641 WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Real Estate 7 = 3.5.9 versions...

6.5CVSS5.8AI score0.00127EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.9 views

CVE-2026-57640 WordPress MasterStudy LMS plugin <= 3.7.30 - Broken Access Control vulnerability

Subscriber Broken Access Control in MasterStudy LMS = 3.7.30 versions...

4.3CVSS5.8AI score0.00243EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.4 views

CVE-2026-57638 WordPress Fluent Booking plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Fluent Booking = 2.1.0 versions...

6.5CVSS5.8AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57636 WordPress wpForo Forum plugin <= 3.0.9 - SQL Injection vulnerability

Contributor SQL Injection in wpForo Forum = 3.0.9 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57637 WordPress Abandoned Cart Lite for WooCommerce plugin <= 6.8.0 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Abandoned Cart Lite for WooCommerce = 6.8.0 versions...

4.3CVSS5.8AI score0.00107EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57635 WordPress FunnelKit Payment Gateway for Stripe WooCommerce plugin <= 1.14.0.3 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in FunnelKit Payment Gateway for Stripe WooCommerce = 1.14.0.3 versions...

6.5CVSS5.8AI score0.00123EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57633 WordPress WCBoost &#8211; Products Compare plugin <= 1.1.0 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57634 WordPress PPWP plugin <= 1.9.19 - Insecure Direct Object References (IDOR) vulnerability

Contributor Insecure Direct Object References IDOR in PPWP = 1.9.19 versions...

4.3CVSS5.8AI score0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.4 views

CVE-2026-57632 WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.19.0 - Broken Access Control vulnerability

Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend = 1.19.0 versions...

5.4CVSS5.8AI score0.00275EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57630 WordPress Blocksy Companion Pro plugin <= 2.1.46 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Blocksy Companion Pro = 2.1.46 versions...

5.3CVSS5.8AI score0.00228EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.15 views

CVE-2026-57631 WordPress Popup box plugin <= 6.0.1 - SQL Injection vulnerability

Administrator SQL Injection in Popup box = 6.0.1 versions...

7.6CVSS5.8AI score0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57629 WordPress StatCounter plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in StatCounter = 2.1.1 versions...

6.5CVSS5.8AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57628 WordPress WP All Import plugin <= 4.0.1 - SQL Injection vulnerability

Administrator SQL Injection in WP All Import = 4.0.1 versions...

7.6CVSS5.8AI score0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57627 WordPress Kirki plugin <= 6.0.11 - Server Side Request Forgery (SSRF) vulnerability

Subscriber Server Side Request Forgery SSRF in Kirki = 6.0.11 versions...

4.9CVSS5.8AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57622 WordPress WPCafe plugin <= 3.0.14 - Broken Access Control vulnerability

Subscriber Broken Access Control in WPCafe = 3.0.14 versions...

4.3CVSS5.8AI score0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.4 views

CVE-2026-57617 WordPress SeedProd Pro plugin < 6.19.5 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in SeedProd Pro 6.19.5 versions...

6.5CVSS5.8AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57618 WordPress Neve PRO theme <= 3.1.2 - Cross Site Scripting (XSS) vulnerability

Contributor Cross Site Scripting XSS in Neve PRO = 3.1.2 versions...

6.5CVSS5.8AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57431 WordPress Featured Image plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability

Author Cross Site Scripting XSS in Featured Image = 2.1 versions...

6.5CVSS5.8AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57325 WordPress NanoMag theme <= 1.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in NanoMag = 1.8 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57430 WordPress SEOPress PRO plugin <= 9.1.1 - Broken Access Control vulnerability

Contributor Broken Access Control in SEOPress PRO = 9.1.1 versions...

4.3CVSS5.8AI score0.00185EPSS
Exploits0References1
Total number of security vulnerabilities161697