160341 matches found
CVE-2026-57345 WordPress Internal Links Manager plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Internal Links Manager = 3.0.3 versions...
CVE-2026-57344 WordPress Classified Listing plugin <= 5.4.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.4.2 versions...
CVE-2026-57343 WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Real Estate 7 = 3.5.9 versions...
CVE-2026-57342 WordPress ShortPixel Adaptive Images plugin <= 3.11.3 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in ShortPixel Adaptive Images = 3.11.3 versions...
CVE-2026-49779 WordPress Tax Exempt for WooCommerce plugin <= 1.9.3 - Path Traversal vulnerability
Customer Path Traversal in Tax Exempt for WooCommerce = 1.9.3 versions...
CVE-2026-42382 WordPress Audrey theme <= 1.5 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Audrey = 1.5 versions...
CVE-2026-39448 WordPress NOWPayments for WooCommerce plugin <= 1.4.0 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in NOWPayments for WooCommerce = 1.4.0 versions...
CVE-2026-27436 WordPress Five Star Business Profile and Schema plugin <= 2.3.19 - Arbitrary Code Execution vulnerability
Editor Arbitrary Code Execution in Five Star Business Profile and Schema = 2.3.19 versions...
CVE-2026-27430 WordPress TheFox theme <= 3.9.76 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in TheFox = 3.9.76 versions...
CVE-2026-27433 WordPress Motors theme <= 5.6.80 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Motors = 5.6.80 versions...
CVE-2026-27426 WordPress Automotive Car Dealership Business theme <= 13.3.3 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Automotive Car Dealership Business = 13.3.3 versions...
CVE-2026-27425 WordPress Automotive Listings plugin <= 18.6 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Automotive Listings = 18.6 versions...
CVE-2026-27419 WordPress Zegen theme <= 1.1.9 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Zegen = 1.1.9 versions...
CVE-2026-27414 WordPress Werkstatt theme <= 4.8.3 - PHP Object Injection vulnerability
Contributor PHP Object Injection in Werkstatt = 4.8.3 versions...
CVE-2026-27412 WordPress Pearl - Corporate Business theme <= 3.4.10 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Pearl - Corporate Business = 3.4.10 versions...
CVE-2026-27408 WordPress NativeChurch theme <= 4.8.8.2 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in NativeChurch = 4.8.8.2 versions...
CVE-2026-27404 WordPress LMS theme <= 9.7 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in LMS = 9.7 versions...
CVE-2026-27060 WordPress ARMember Premium plugin <= 7.0 - PHP Object Injection vulnerability
Contributor PHP Object Injection in ARMember Premium = 7.0 versions...
CVE-2025-69156 WordPress Kids Zone - Children WordPress Theme theme <= 5.4 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Kids Zone - Children WordPress Theme = 5.4 versions...
CVE-2025-69155 WordPress Fitness Zone WordPress Theme theme <= 5.7 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Fitness Zone WordPress Theme = 5.7 versions...
CVE-2025-69154 WordPress SpaLab | Beauty Salon WordPress Theme theme <= 6.7 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in SpaLab | Beauty Salon WordPress Theme = 6.7 versions...
CVE-2025-69153 WordPress Trendy Travel theme <= 6.7 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Trendy Travel = 6.7 versions...
CVE-2025-69152 WordPress Artale | Wedding Photography WordPress theme <= 2.2.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Artale | Wedding Photography WordPress = 2.2.2 versions...
CVE-2025-69134 WordPress OpenAI Chatbot for WordPress – Helper plugin <= 1.1.4 - Arbitrary Content Deletion vulnerability
Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress – Helper = 1.1.4 versions...
CVE-2025-69133 WordPress Tourmaster plugin <= 5.4.5 - Local File Inclusion vulnerability
Subscriber Local File Inclusion in Tourmaster = 5.4.5 versions...
CVE-2025-69132 WordPress Corpkit theme <= 1.0.5 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in Corpkit = 1.0.5 versions...
CVE-2025-69094 WordPress Unicamp theme <= 2.2.2 - SQL Injection vulnerability
Subscriber SQL Injection in Unicamp = 2.2.2 versions...
CVE-2025-66076 WordPress Woostify Sites Library plugin <= 1.6.2 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Woostify Sites Library = 1.6.2 versions...
CVE-2025-58902 WordPress Lighthouse theme <= 1.2.12 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Lighthouse = 1.2.12 versions...
CVE-2026-11946 GetEndpoints Memory Exhaustion in open62541
An unauthenticated remote attacker can exhaust server memory via the GetEndpoints Discovery Service in open62541. The endpointUrl field of GetEndpointsRequest is not validated for length. An attacker can declare an arbitrarily large string up to 4.09 GB via the UInt32 length field delivered acros...
CVE-2026-54431 Improper Data Validation in liboauth2
In liboauth2 the Demonstrating Proof-of-Possession DPoP verifier accepts a proof whose JSON Web Key jwk header contains private key material. RFC 9449 section 4.3 step 7 requires the verifier to reject such a proof but oauth2tokenverify function returns success for a malformed DPoP proof that...
CVE-2026-54430 Server-Site Request Forgery in liboauth2
liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...
CVE-2026-8441 WP Review Slider Pro <= 12.7.2 - Unauthenticated SQL Injection via 'notinstring' Parameter
The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'notinstring' parameter of the wprploadmorerevs AJAX action in versions up to, and including, 12.7.2. The parameter is read via $POST'notinstring' and passed through sanitizetextfield — which strips HTML and...
CVE-2026-13369 Ninja Forms - File Uploads <= 3.3.29 - Unauthenticated Arbitrary File Read via File Upload Field 'files[].data.file_path' Parameter
The Ninja Forms - File Uploads plugin for WordPress is vulnerable to Arbitrary File Read via the attachfiles function in versions up to, and including, 3.3.29. This is due to the getfilesforattachment function accepting a raw attacker-controlled 'files' array when the process method returns early...
CVE-2026-13251 Perfmatters <= 2.6.4 - Unauthenticated Arbitrary File Read via 's' Parameter
The Perfmatters plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.4 via the 's' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...
CVE-2026-9145 Database for Contact Form 7, WPforms, Elementor forms <= 1.5.1 - Unauthenticated Arbitrary File Copy/Upload via Elementor Pro Form Upload Field 'raw_value'
The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to Arbitrary File Copy via the createentryel function in versions up to, and including, 1.5.1. The function reads rawvalue from Elementor Pro's FormRecord object for upload-type fields and passes it...
CVE-2026-8482 Information leak in NSRPC client history
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...
CVE-2026-14029 Groundhogg <= 4.5.8 - Authenticated (Custom+) SQL Injection via 'select' Parameter
The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'select' parameter in all versions up to, and including, 4.5.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2026-10104 Product Video Gallery for Woocommerce <= 1.5.1.8 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via custom_thumbnail Parameter
The Product Video Gallery for Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via customthumbnail Parameter in all versions up to, and including, 1.5.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2026-13252 RSS Aggregator by Feedzy <= 5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aspectRatio' Attribute
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'aspectRatio' Attribute in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping. Th...
CVE-2026-12472 Kirki <= 6.0.11 - Missing Authorization to Unauthenticated Arbitrary Email Content Injection (Mail Relay / Phishing) via 'emailBody' and 'emailSubject' Parameters
The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.0.11. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVE-2026-11896 My Calendar <= 3.7.14 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure via 'vcal' Parameter
The My Calendar – Accessible Event Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.14 via the 'vcal' parameter due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to...
CVE-2026-12122 Kirki <= 6.0.11 - Missing Authorization to Unauthenticated Sensitive Information Exposure via kirki_post_apis_nopriv AJAX Action
The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.11 via the getsinglesymbol. This makes it possible for unauthenticated attackers to extract the full builder metadata and...
CVE-2026-12134 JoomSport <= 5.7.8 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Creation/Modification via season_groupedit AJAX action
The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.7.8. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVE-2026-9834 WP Database Backup <= 7.11 - Authenticated (Administrator+) OS Command Injection via 'wp_db_exclude_table' Parameter
The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to OS Command Injection in all versions up to and including 7.11 via the wpdbexcludetable parameter. This is due to the direct concatenation of user-supplied $POST'wpdbexcludetable' valu...
CVE-2026-13459 JetFormBuilder <= 3.6.3 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via 'context' Parameter
The JetFormBuilder — Dynamic Blocks Form Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.6.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...
CVE-2026-9188 Appointment Bookings for Zoom GoogleMeet and more – Wappointment <= 2.7.6 - Unauthenticated Insecure Direct Object Reference via Predictable 'edit_key' / 'appointmentkey' Parameter
The Appointment Bookings for Zoom GoogleMeet and more – Wappointment plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 2.7.6 via the appointmentkey parameter due to the appointment editkey — the sole authorization token consumed by tryCance...
CVE-2026-12657 LatePoint <= 5.6.2 - Unauthenticated Insecure Direct Object Reference to Arbitrary Creation via 'service_id' Parameter
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.6.2 via the 'serviceid' parameter due to missing validation on a user controlled key. This makes it possible for...
CVE-2026-14336
PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith' https://ci.eclipse.org ' in isissuerknown, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...
CVE-2026-8147 Authorization Bypass in mlflow/mlflow
In MLflow versions prior to 3.14.0, when running with authentication enabled, the trace API endpoints lack proper authorization validators. This allows any authenticated user to bypass experiment-level authorization controls on all trace operations, including reading, deleting, and modifying trac...