372150 matches found
CVE-2026-57747
CVE-2026-57747 is an unauthenticated CSRF vulnerability in the WordPress Booked plugin
CVE-2026-57746
CVE-2026-57746 concerns the WordPress Booked plugin (versions up to and including 3.0.0) where a Broken Access Control vulnerability is described. The Initial document notes only the affected software and version range, with the impact stated as access control issues; no root cause, affected file...
CVE-2026-57731
Technical details for CVE-2026-57731 are not publicly available in the provided documents. Monitor for updates. Current records indicate a Broken Access Control issue in Flatsome
CVE-2026-57730
CVE-2026-57730 concerns the WordPress Flatsome theme (
CVE-2026-57690
The CVE-2026-57690 entry documents an unauthenticated Cross Site Request Forgery (CSRF) in the WordPress Werkstatt theme versions ≤ 4.7.2. The vulnerability affects the Werkstatt theme (WordPress plugin/theme) and is described as CSRF without details on exploit vectors beyond unauthenticated acce...
CVE-2026-57689
The CVE-2026-57689 entry concerns the WordPress Werkstatt theme (versions up to 4.7.2) with a Broken Access Control flaw. Affected component: Werkstatt WordPress theme; root cause: broken access control mechanisms in version <= 4.7.2. Impact: unauthorized access to restricted functionality, as...
CVE-2026-57688
The CVE concerns the WordPress POS Entegratör plugin (versions
CVE-2026-57687
CVE-2026-57687 concerns a SQL Injection vulnerability in the WordPress plugin Custom Field Template (versions
CVE-2026-57686
CVE-2026-57686 affects the WordPress WowAddons plugin, versions
CVE-2026-57685
CVE-2026-57685: A Broken Access Control vulnerability exists in WordPress Martfury - WooCommerce Marketplace Theme (versions
CVE-2026-57684
CVE-2026-57684 describes a Cross Site Scripting (XSS) vulnerability in WordPress TheFox theme (versions
CVE-2026-57683
The CVE-2026-57683 entry concerns the WordPress WP Fast Total Search plugin (versions
CVE-2026-57682
The CVE-2026-57682 entry affects the WordPress plugin “Simple Link Directory” version ≤ 15.0.5, with an unauthenticated Cross Site Scripting (XSS) vulnerability. The connected records confirm the vulnerability type (XSS) and affected version, but do not provide concrete root-cause details, exploi...
CVE-2026-57681
The CVE describes a Server Side Request Forgery (SSRF) vulnerability in the WordPress GeoDirectory plugin for WordPress, specifically version
CVE-2026-57679
CVE-2026-57679 affects the WordPress GeekyBot plugin prior to or at version 1.2.5, with an unauthenticated SQL Injection vulnerability. The provided sources (NVD entries and PatchStack) confirm the flaw exists in GeekyBot
CVE-2026-57680
CVE-2026-57680 affects the WordPress Kirki plugin versions
CVE-2026-57677
The CVE concerns the WordPress Novalnet Payment Gateway for WooCommerce plugin, affected versions
CVE-2026-57675
CVE-2026-57675 describes unauthenticated Cross Site Scripting (XSS) in the WordPress plugin WP Photo Album Plus,
CVE-2026-57674
CVE-2026-57674 affects WordPress Timetics plugin versions up to 1.0.58, with an unauthenticated Cross Site Scripting (XSS) vulnerability. The available documents identify the affected product and the issue type, including a CVSS 3.1 base score of 7.1 (HIGH) with network access, no privileges requ...
CVE-2026-57673
Technical details of CVE-2026-57673 are not publicly provided in the supplied documents. Monitor for updates from authoritative sources; the available entries indicate unauthenticated XSS in Optimole