372241 matches found
CVE-2026-57352
CVE-2026-57352 concerns the WordPress plugin ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce (
CVE-2026-57351
CVE-2026-57351 affects the WordPress plugin HandL UTM Grabber up to version 2.9.2, with an unauthenticated XSS vulnerability. The connected documents provide the vulnerability type and affected software but do not supply root cause specifics, exploit details, or a remediation. CVSS data (3.1) fro...
CVE-2026-57350
WP Debugging plugin for WordPress with versions ≤2.12.2 is affected by an unauthenticated Cross Site Scripting (XSS) vulnerability. The CVE entry specifies the vulnerable component as the WP Debugging plugin and lists CVSS v3.1 base score 7.1 (High) with Network attack vector, no privileges requi...
CVE-2026-57349
CVE-2026-57349 affects the WordPress plugin WPeMatico RSS Feed Fetcher (versions
CVE-2026-57348
CVE-2026-57348 affects WordPress plugin Paid Member Subscriptions (versions <= 3.0.4). An unauthenticated server-side request forgery (SSRF) vulnerability exists in this plugin, enabling an attacker to induce the server to fetch arbitrary resources. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C...
CVE-2026-57347
CVE-2026-57347 affects the WordPress plugin Hotel Booking Lite
CVE-2026-57345
The CVE-2026-57345 entry concerns WordPress Internal Links Manager plugin versions <= 3.0.3 and describes an Unauthenticated Cross Site Scripting (XSS) vulnerability. The connected Patchstack reference confirms an XSS flaw in WordPress Internal Links Manager
CVE-2026-57344
Summary: Unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Classified Listing plugin (versions <= 5.4.2). Affected product: WordPress Classified Listing plugin.Versions:
CVE-2026-57343
CVE-2026-57343 describes an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Real Estate 7 theme, affected
CVE-2026-57342
The CVE-2026-57342 entry concerns the WordPress ShortPixel Adaptive Images plugin, affected versions are
CVE-2026-49779
CVE-2026-49779 concerns the WordPress plugin Tax Exempt for WooCommerce (versions
CVE-2026-42382
CVE-2026-42382 concerns WordPress Audrey theme versions <= 1.5 with an Unauthenticated Local File Inclusion (LFI) vulnerability. The connected patches and CVE records identify the affected product (Audrey theme
CVE-2026-39448
The CVE highlights an Unauthenticated Broken Access Control issue in the WordPress NOWPayments for WooCommerce plugin, affecting versions <= 1.4.0. The vulnerability type is explicitly described as Broken Access Control, with no user interaction required and no privileges granted to attackers....
CVE-2026-27436
The CVE covers WordPress plugin Five Star Business Profile and Schema (versions
CVE-2026-27430
CVE-2026-27430 affects the WordPress TheFox theme (
CVE-2026-27433
The CVE concerns the WordPress Motors theme (
CVE-2026-27426
CVE-2026-27426 affects the WordPress Automotive Car Dealership Business theme
CVE-2026-27425
CVE-2026-27425 details (normal mode): Unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability affecting WordPress Automotive Listings plugin, versions up to and including 18.6. The issue is due to a reflected XSS flaw in the plugin’s input handling, allowing an attacker to craft a mal...
CVE-2026-27419
CVE-2026-27419 affects WordPress Zegen theme versions
CVE-2026-27414
CVE-2026-27414 details (provided): WordPress Werkstatt theme