160418 matches found
CVE-2026-57674 WordPress Timetics plugin <= 1.0.58 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Timetics = 1.0.58 versions...
CVE-2026-57673 WordPress Optimole plugin <= 4.2.7 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Optimole = 4.2.7 versions...
CVE-2026-57672 WordPress wpDataTables plugin <= 6.5.1.1 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in wpDataTables = 6.5.1.1 versions...
CVE-2026-57671 WordPress perfmatters plugin <= 2.6.4 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in perfmatters = 2.6.4 versions...
CVE-2026-57670 WordPress Google Maps CP plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Google Maps CP = 1.2.5 versions...
CVE-2026-57669 WordPress Advanced Contact form 7 DB plugin <= 2.0.9 - Broken Access Control vulnerability
Subscriber Broken Access Control in Advanced Contact form 7 DB = 2.0.9 versions...
CVE-2026-57625 WordPress Admin and Site Enhancements (ASE) Pro plugin <= 8.8.5 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Admin and Site Enhancements ASE Pro = 8.8.5 versions...
CVE-2026-57624 WordPress Blocksy Companion Pro plugin <= 2.1.46 - Remote Code Execution (RCE) vulnerability
Unauthenticated Remote Code Execution RCE in Blocksy Companion Pro = 2.1.46 versions...
CVE-2026-57623 WordPress W3 Total Cache plugin <= 2.9.4 - Arbitrary Code Execution vulnerability
Unauthenticated Arbitrary Code Execution in W3 Total Cache = 2.9.4 versions...
CVE-2026-57426 WordPress Modula - PRO plugin <= 2.10.8 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Modula - PRO = 2.10.8 versions...
CVE-2026-57366 WordPress WPAdverts plugin <= 2.3.1 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in WPAdverts = 2.3.1 versions...
CVE-2026-57362 WordPress ChatBot plugin <= 8.3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in ChatBot = 8.3.2 versions...
CVE-2026-57361 WordPress Survey Maker plugin <= 5.2.2.5 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Survey Maker = 5.2.2.5 versions...
CVE-2026-57360 WordPress eCommerce Product Catalog plugin <= 3.5.4 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in eCommerce Product Catalog = 3.5.4 versions...
CVE-2026-57359 WordPress ReviewX plugin <= 2.3.10 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in ReviewX = 2.3.10 versions...
CVE-2026-57358 WordPress Customize My Account for WooCommerce plugin <= 4.3.9 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Customize My Account for WooCommerce = 4.3.9 versions...
CVE-2026-57357 WordPress Search Atlas SEO plugin <= 2.6.6 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Search Atlas SEO = 2.6.6 versions...
CVE-2026-57356 WordPress MC Woocommerce Wishlist plugin <= 1.9.19 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in MC Woocommerce Wishlist = 1.9.19 versions...
CVE-2026-57355 WordPress Classified Listing plugin <= 5.4.2 - Broken Access Control vulnerability
Subscriber Broken Access Control in Classified Listing = 5.4.2 versions...
CVE-2026-57354 WordPress JetReviews plugin <= 3.0.0.1 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in JetReviews = 3.0.0.1 versions...
CVE-2026-57353 WordPress Link Whisper Premium plugin <= 2.9.0 - Broken Access Control vulnerability
Subscriber Broken Access Control in Link Whisper Premium = 2.9.0 versions...
CVE-2026-57352 WordPress ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce plugin <= 2.2.0 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce = 2.2.0 versions...
CVE-2026-57351 WordPress HandL UTM Grabber plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in HandL UTM Grabber = 2.9.2 versions...
CVE-2026-57350 WordPress WP Debugging plugin <= 2.12.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in WP Debugging = 2.12.2 versions...
CVE-2026-57348 WordPress Paid Member Subscriptions plugin <= 3.0.4 - Server Side Request Forgery (SSRF) vulnerability
Unauthenticated Server Side Request Forgery SSRF in Paid Member Subscriptions = 3.0.4 versions...
CVE-2026-57347 WordPress Hotel Booking Lite plugin <= 6.0.3 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in Hotel Booking Lite = 6.0.3 versions...
CVE-2026-57345 WordPress Internal Links Manager plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Internal Links Manager = 3.0.3 versions...
CVE-2026-57344 WordPress Classified Listing plugin <= 5.4.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.4.2 versions...
CVE-2026-57343 WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Real Estate 7 = 3.5.9 versions...
CVE-2026-57342 WordPress ShortPixel Adaptive Images plugin <= 3.11.3 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in ShortPixel Adaptive Images = 3.11.3 versions...
CVE-2026-49779 WordPress Tax Exempt for WooCommerce plugin <= 1.9.3 - Path Traversal vulnerability
Customer Path Traversal in Tax Exempt for WooCommerce = 1.9.3 versions...
CVE-2026-42382 WordPress Audrey theme <= 1.5 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Audrey = 1.5 versions...
CVE-2026-39448 WordPress NOWPayments for WooCommerce plugin <= 1.4.0 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in NOWPayments for WooCommerce = 1.4.0 versions...
CVE-2026-27436 WordPress Five Star Business Profile and Schema plugin <= 2.3.19 - Arbitrary Code Execution vulnerability
Editor Arbitrary Code Execution in Five Star Business Profile and Schema = 2.3.19 versions...
CVE-2026-27430 WordPress TheFox theme <= 3.9.76 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in TheFox = 3.9.76 versions...
CVE-2026-27433 WordPress Motors theme <= 5.6.80 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Motors = 5.6.80 versions...
CVE-2026-27426 WordPress Automotive Car Dealership Business theme <= 13.3.3 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Automotive Car Dealership Business = 13.3.3 versions...
CVE-2026-27425 WordPress Automotive Listings plugin <= 18.6 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Automotive Listings = 18.6 versions...
CVE-2026-27419 WordPress Zegen theme <= 1.1.9 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Zegen = 1.1.9 versions...
CVE-2026-27414 WordPress Werkstatt theme <= 4.8.3 - PHP Object Injection vulnerability
Contributor PHP Object Injection in Werkstatt = 4.8.3 versions...
CVE-2026-27412 WordPress Pearl - Corporate Business theme <= 3.4.10 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Pearl - Corporate Business = 3.4.10 versions...
CVE-2026-27408 WordPress NativeChurch theme <= 4.8.8.2 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in NativeChurch = 4.8.8.2 versions...
CVE-2026-27404 WordPress LMS theme <= 9.7 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in LMS = 9.7 versions...
CVE-2026-27060 WordPress ARMember Premium plugin <= 7.0 - PHP Object Injection vulnerability
Contributor PHP Object Injection in ARMember Premium = 7.0 versions...
CVE-2025-69156 WordPress Kids Zone - Children WordPress Theme theme <= 5.4 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Kids Zone - Children WordPress Theme = 5.4 versions...
CVE-2025-69155 WordPress Fitness Zone WordPress Theme theme <= 5.7 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Fitness Zone WordPress Theme = 5.7 versions...
CVE-2025-69154 WordPress SpaLab | Beauty Salon WordPress Theme theme <= 6.7 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in SpaLab | Beauty Salon WordPress Theme = 6.7 versions...
CVE-2025-69153 WordPress Trendy Travel theme <= 6.7 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Trendy Travel = 6.7 versions...
CVE-2025-69152 WordPress Artale | Wedding Photography WordPress theme <= 2.2.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Artale | Wedding Photography WordPress = 2.2.2 versions...
CVE-2025-69134 WordPress OpenAI Chatbot for WordPress – Helper plugin <= 1.1.4 - Arbitrary Content Deletion vulnerability
Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress – Helper = 1.1.4 versions...