Lucene search
+L

372157 matches found

CVE
CVE
added 2026/07/02 11:15 a.m.13 views

CVE-2026-57681

The CVE describes a Server Side Request Forgery (SSRF) vulnerability in the WordPress GeoDirectory plugin for WordPress, specifically version

6.4CVSS5.8AI score0.0023EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.13 views

CVE-2026-57679

CVE-2026-57679 affects the WordPress GeekyBot plugin prior to or at version 1.2.5, with an unauthenticated SQL Injection vulnerability. The provided sources (NVD entries and PatchStack) confirm the flaw exists in GeekyBot

9.3CVSS5.8AI score0.00247EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.13 views

CVE-2026-57680

CVE-2026-57680 affects the WordPress Kirki plugin versions

6.5CVSS5.8AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.27 views

CVE-2026-57677

The CVE concerns the WordPress Novalnet Payment Gateway for WooCommerce plugin, affected versions

9.8CVSS5.8AI score0.00336EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.16 views

CVE-2026-57675

CVE-2026-57675 describes unauthenticated Cross Site Scripting (XSS) in the WordPress plugin WP Photo Album Plus,

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.14 views

CVE-2026-57674

CVE-2026-57674 affects WordPress Timetics plugin versions up to 1.0.58, with an unauthenticated Cross Site Scripting (XSS) vulnerability. The available documents identify the affected product and the issue type, including a CVSS 3.1 base score of 7.1 (HIGH) with network access, no privileges requ...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.15 views

CVE-2026-57673

Technical details of CVE-2026-57673 are not publicly provided in the supplied documents. Monitor for updates from authoritative sources; the available entries indicate unauthenticated XSS in Optimole

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.17 views

CVE-2026-57672

CVE-2026-57672 affects the WordPress wpDataTables plugin up to version 6.5.1.1, with an unauthenticated Cross Site Scripting (XSS) vulnerability. The CVSSv3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L, base score 7.1 (HIGH). Attack vector is NETWORK, privileges required NONE, user in...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.25 views

CVE-2026-57671

Technical details are not publicly available in the provided documents. Monitor for updates.

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.12 views

CVE-2026-57670

Technical details (affected plugin version specifics, root cause, exploit steps, and remediation) are not publicly available in the provided documents. Monitor for updates.

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.28 views

CVE-2026-57669

The affected software is the WordPress plugin Advanced Contact form 7 DB (versions

6.5CVSS5.8AI score0.0034EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.10 views

CVE-2026-57625

CVE-2026-57625 : Unauthenticated Cross Site Scripting (XSS) vulnerability in WordPress Admin and Site Enhancements (ASE) Pro plugin, versions

9.6CVSS5.8AI score0.00269EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.32 views

CVE-2026-57624

CVE-2026-57624 : Unauthenticated Remote Code Execution in WordPress Blocksy Companion Pro plugin (versions

10CVSS5.9AI score0.00697EPSS
In wildExploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.23 views

CVE-2026-57623

CVE-2026-57623 affects the WordPress W3 Total Cache plugin (versions

9CVSS5.9AI score0.00332EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.14 views

CVE-2026-57621

CVE-2026-57621 : Unauthenticated PHP Object Injection in the WordPress plugin Booktics (versions ≤ 1.0.21). Root cause as stated is PHP object injection in Booktics ≤ 1.0.21. CVSS 3.1 base score 9.8 (CRITICAL) with network attack vector, no user interaction, and impact to confidentiality, integri...

9.8CVSS5.8AI score0.00336EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.15 views

CVE-2026-57426

The provided data identifies an Unauthenticated Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Modula – PRO , versions ≤ 2.10.8. Affected component is the Modula – PRO plugin for WordPress. The entry does not specify the root cause, affected files/functions, or the exact payload...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.19 views

CVE-2026-57366

CVE-2026-57366 : Unauthenticated cross-site scripting in the WordPress WPAdverts plugin (versions

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.18 views

CVE-2026-57361

The CVE-2026-57361 entry affects the WordPress Survey Maker plugin ≤ 5.2.2.5, describing an unauthenticated Cross-Site Scripting (XSS) vulnerability. The provided documents specify the vulnerable software and vulnerability type, but do not include technical details about the root cause, impact sp...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.19 views

CVE-2026-57362

CVE-2026-57362 affects WordPress ChatBot plugin versions ≤ 8.3.2 and is described as unauthenticated reflected XSS. The CVSSv3.1 base score is 7.1 (HIGH) with network attack vector, low confidentiality/integrity/availability impact, user interaction required. The provided documents do not specify...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.17 views

CVE-2026-57360

CVE-2026-57360 affects the WordPress plugin eCommerce Product Catalog (versions ≤ 3.5.4). The vulnerability is an Unauthenticated Cross Site Scripting (XSS) issue. The connected documents provide the affected product and vulnerability type, with no exploit details or remediation/version fix infor...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Rows per page
Query Builder