372276 matches found
CVE-2026-57675
CVE-2026-57675 describes unauthenticated Cross Site Scripting (XSS) in the WordPress plugin WP Photo Album Plus,
CVE-2026-57674
CVE-2026-57674 affects WordPress Timetics plugin versions up to 1.0.58, with an unauthenticated Cross Site Scripting (XSS) vulnerability. The available documents identify the affected product and the issue type, including a CVSS 3.1 base score of 7.1 (HIGH) with network access, no privileges requ...
CVE-2026-57673
Technical details of CVE-2026-57673 are not publicly provided in the supplied documents. Monitor for updates from authoritative sources; the available entries indicate unauthenticated XSS in Optimole
CVE-2026-57672
CVE-2026-57672 affects the WordPress wpDataTables plugin up to version 6.5.1.1, with an unauthenticated Cross Site Scripting (XSS) vulnerability. The CVSSv3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L, base score 7.1 (HIGH). Attack vector is NETWORK, privileges required NONE, user in...
CVE-2026-57671
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-57670
Technical details (affected plugin version specifics, root cause, exploit steps, and remediation) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-57669
The affected software is the WordPress plugin Advanced Contact form 7 DB (versions
CVE-2026-57625
CVE-2026-57625 : Unauthenticated Cross Site Scripting (XSS) vulnerability in WordPress Admin and Site Enhancements (ASE) Pro plugin, versions
CVE-2026-57624
CVE-2026-57624 : Unauthenticated Remote Code Execution in WordPress Blocksy Companion Pro plugin (versions
CVE-2026-57623
CVE-2026-57623 affects the WordPress W3 Total Cache plugin (versions
CVE-2026-57621
CVE-2026-57621 : Unauthenticated PHP Object Injection in the WordPress plugin Booktics (versions ≤ 1.0.21). Root cause as stated is PHP object injection in Booktics ≤ 1.0.21. CVSS 3.1 base score 9.8 (CRITICAL) with network attack vector, no user interaction, and impact to confidentiality, integri...
CVE-2026-57426
The provided data identifies an Unauthenticated Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Modula – PRO , versions ≤ 2.10.8. Affected component is the Modula – PRO plugin for WordPress. The entry does not specify the root cause, affected files/functions, or the exact payload...
CVE-2026-57366
CVE-2026-57366 : Unauthenticated cross-site scripting in the WordPress WPAdverts plugin (versions
CVE-2026-57361
The CVE-2026-57361 entry affects the WordPress Survey Maker plugin ≤ 5.2.2.5, describing an unauthenticated Cross-Site Scripting (XSS) vulnerability. The provided documents specify the vulnerable software and vulnerability type, but do not include technical details about the root cause, impact sp...
CVE-2026-57362
CVE-2026-57362 affects WordPress ChatBot plugin versions ≤ 8.3.2 and is described as unauthenticated reflected XSS. The CVSSv3.1 base score is 7.1 (HIGH) with network attack vector, low confidentiality/integrity/availability impact, user interaction required. The provided documents do not specify...
CVE-2026-57360
CVE-2026-57360 affects the WordPress plugin eCommerce Product Catalog (versions ≤ 3.5.4). The vulnerability is an Unauthenticated Cross Site Scripting (XSS) issue. The connected documents provide the affected product and vulnerability type, with no exploit details or remediation/version fix infor...
CVE-2026-57359
CVE-2026-57359 concerns the WordPress plugin ReviewX (versions
CVE-2026-57358
CVE-2026-57358 affects the WordPress plugin Customize My Account for WooCommerce
CVE-2026-57357
CVE-2026-57357 affects the WordPress plugin “Search Atlas SEO” (versions
CVE-2026-57356
CVE-2026-57356 is an unauthenticated Cross Site Scripting (XSS) vulnerability affecting the WordPress MC Woocommerce Wishlist plugin version ≤ 1.9.19. The issue, identified in the CVE record, does not specify exploitation status or a confirmed fix within the provided documents. The CVSS base scor...