Lucene search
+L

372150 matches found

CVE
CVE
added 2026/07/02 11:32 a.m.18 views

CVE-2026-57678

CVE-2026-57678 concerns the WordPress Slider Revolution plugin by ThemePunch, affecting versions 7.0.0 through 7.0.16. The issue is a Reflected Cross-Site Scripting (XSS) vulnerability arising from improper neutralization of input during web page generation. The CVSSv3.1 metrics indicate a NETWOR...

7.1CVSS5.8AI score0.00155EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:30 a.m.26 views

CVE-2026-56037

The CVE-2026-56037 affects Themify Popup (WordPress plugin) ≤ 1.4.3. It describes a Deserialization of Untrusted Data vulnerability that allows PHP Object Injection through deserialized data. The underlying issue is the ability to inject or manipulate objects via untrusted input, enabling high-ri...

8.8CVSS5.8AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:16 a.m.17 views

CVE-2026-57766

This CVE covers an Unauthenticated Cross Site Request Forgery (CSRF) in the WordPress WPIDE – File Manager & Code Editor plugin, affecting versions

8.8CVSS5.8AI score0.00142EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:16 a.m.21 views

CVE-2026-57765

WP EasyCart WordPress plugin versions

8.5CVSS5.8AI score0.0022EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:16 a.m.20 views

CVE-2026-57763

CVE-2026-57763 affects the WordPress Structured Content plugin (versions ≤ 1.7.0). The description notes a Contributor Cross Site Scripting (XSS) vulnerability; the provided documents do not specify the exact root cause, impacted file(s), or remediation steps.

6.5CVSS5.8AI score0.00139EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:16 a.m.28 views

CVE-2026-57764

CVE-2026-57764 : Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Surbma | Yoast SEO Breadcrumb Shortcode, affecting versions

6.5CVSS5.8AI score0.00139EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:16 a.m.18 views

CVE-2026-57762

CVE-2026-57762: A Cross Site Scripting (XSS) vulnerability affects WordPress Simple URLs plugin versions

5.9CVSS5.8AI score0.00148EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:16 a.m.23 views

CVE-2026-57761

CVE-2026-57761 concerns the WordPress theme SEOWP, affected in versions <= 3.12.2. The vulnerability is described as Unauthenticated CSRF . Several connected sources also frame the issue as a CSRF leading to Stored XSS in SEOWP

7.1CVSS5.8AI score0.00094EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:16 a.m.19 views

CVE-2026-57759

CVE-2026-57759: Unauthenticated CSRF in WordPress ProfileGrid plugin (versions

8.8CVSS5.8AI score0.00142EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:16 a.m.15 views

CVE-2026-57758

CVE-2026-57758 corresponds to an unauthenticated CSRF in the WordPress Permalink Manager for WooCommerce plugin, affecting versions

7.1CVSS5.8AI score0.00094EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.18 views

CVE-2026-57757

CVE-2026-57757 concerns the WordPress plugin pCloud WP Backup (versions

7.1CVSS5.8AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.17 views

CVE-2026-57756

CVE-2026-57756 affects the WordPress plugin nicen-localize-image

8.5CVSS5.8AI score0.0022EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.15 views

CVE-2026-57755

CVE-2026-57755 describes a Contributor Cross Site Scripting (XSS) vulnerability in the WordPress plugin Mosaic Gallery – Advanced Gallery, affected versions

6.5CVSS5.8AI score0.00139EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.18 views

CVE-2026-57754

CVE-2026-57754 is a cross-site scripting (XSS) vulnerability in the WordPress plugin Livemesh Addons for WPBakery Page Builder

6.5CVSS5.8AI score0.00139EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.17 views

CVE-2026-57753

The CVE-2026-57753 entry concerns the WordPress Kit (formerly ConvertKit) for WooCommerce plugin, affected versions 2.1.5 and earlier. Description indicates an unauthenticated sensitive data exposure vulnerability in these versions. The provided documents do not specify the exact root cause, vuln...

5.3CVSS5.8AI score0.00206EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.23 views

CVE-2026-57752

The CVE-2026-57752 entry covers a Contributor SQL Injection in the WordPress iNET Webkit plugin version 1.2.4. The vulnerability is described without attack details; CVSS 3.1 base score 8.5 (Network attack, Low complexity, Privileges Required: Low, User Interaction: None, Confidentiality Impact: ...

8.5CVSS5.8AI score0.0029EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.15 views

CVE-2026-57751

The CVE-2026-57751 entry concerns the WordPress plugin Heateor Social Login (versions

8.1CVSS5.8AI score0.00139EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.14 views

CVE-2026-57750

The CVE-2026-57750 entry concerns the WordPress plugin ez Form Calculator Premium (versions up to and including 2.14.1.2). The vulnerability is described as Unauthenticated Broken Access Control , implying that unauthenticated users can access or manipulate resources they should not be able to. T...

5.3CVSS5.8AI score0.00184EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.15 views

CVE-2026-57749

CVE-2026-57749 is a Local File Inclusion vulnerability in the WordPress SportsPress Pro plugin, affecting versions up to and including 2.7.29. The issue is documented across multiple feeds (NVD, CVE List, CIRCL, AttackersKB, EUVD, etc.). The reported CVSS v3.1 metrics indicate a high overall impa...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.15 views

CVE-2026-57748

CVE-2026-57748 describes a Local File Inclusion vulnerability in the WordPress Shopify plugin for Shopify integrations, affecting versions up to 1.0.0. The available sources confirm the vulnerability class and affected product/version, but do not provide explicit root-cause details beyond LFI, ex...

7.5CVSS5.8AI score0.00284EPSS
Exploits0References1
Rows per page
Query Builder