Search
Search Results (361475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39524 | 2 Themegrill, Wordpress | 2 Masteriyo, Wordpress | 2026-06-26 | 7.5 High |
| Unauthenticated Broken Access Control in Masteriyo - LMS <= 2.1.5 versions. | ||||
| CVE-2026-39532 | 2 Stiofansisland, Wordpress | 2 Events Calendar For Geodirectory, Wordpress | 2026-06-26 | 8.8 High |
| Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions. | ||||
| CVE-2026-39534 | 2 Wordpress, Wpdirectorykit | 2 Wordpress, Wp Directory Kit | 2026-06-26 | 7.5 High |
| Unauthenticated Broken Access Control in WP Directory Kit <= 1.5.0 versions. | ||||
| CVE-2026-39583 | 2 Datalogics Ecommerce Delivery, Wordpress | 2 Datalogics Ecommerce Delivery, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery <= 2.6.62 versions. | ||||
| CVE-2026-40773 | 2 Rtcamp, Wordpress | 2 Rtmedia For Wordpress, Buddypress And Bbpress, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions. | ||||
| CVE-2026-40779 | 2 Wordpress, Ylefebvre | 2 Wordpress, Link Library | 2026-06-26 | 7.7 High |
| Contributor Arbitrary File Deletion in Link Library <= 7.8.8 versions. | ||||
| CVE-2026-40792 | 2 Iqonic, Wordpress | 2 Kivicare, Wordpress | 2026-06-26 | 6.3 Medium |
| Subscriber Insecure Direct Object References (IDOR) in KiviCare <= 4.2.1 versions. | ||||
| CVE-2026-40799 | 2 Replywp, Wordpress | 2 Simple Cloudfare Turnstile, Wordpress | 2026-06-26 | 5.8 Medium |
| Unauthenticated Broken Authentication in Simple Cloudflare Turnstile <= 1.38.0 versions. | ||||
| CVE-2026-42668 | 2 Omnisend, Wordpress | 2 Email Marketing For Woocommerce, Wordpress | 2026-06-26 | 7.5 High |
| Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend <= 1.18.0 versions. | ||||
| CVE-2026-42686 | 2 Theeventprime, Wordpress | 2 Eventprime, Wordpress | 2026-06-26 | 7.1 High |
| Subscriber Cross Site Scripting (XSS) in EventPrime <= 4.3.2.1 versions. | ||||
| CVE-2026-42687 | 2 Theeventprime, Wordpress | 2 Eventprime, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in EventPrime <= 4.3.2.1 versions. | ||||
| CVE-2026-42743 | 2 Themegrill, Wordpress | 2 Masteriyo, Wordpress | 2026-06-26 | 6.5 Medium |
| Unauthenticated Broken Authentication in Masteriyo - LMS <= 2.1.8 versions. | ||||
| CVE-2026-45437 | 2 Brthumar1959, Wordpress | 2 Product Filter Widget For Elementor, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Product Filter Widget for Elementor <= 1.0.6 versions. | ||||
| CVE-2026-45441 | 2 Magepeopleteam, Wordpress | 2 Wpevently, Wordpress | 2026-06-26 | 7.5 High |
| Unauthenticated Other Vulnerability Type in WpEvently <= 5.3.3 versions. | ||||
| CVE-2026-48878 | 2 Bootstrapped, Wordpress | 2 Visual Link Preview, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.4.1 versions. | ||||
| CVE-2026-49043 | 2 Wordpress, Wpengine | 2 Wordpress, Wp Migrate | 2026-06-26 | 4.7 Medium |
| Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions. | ||||
| CVE-2026-49078 | 2 Wordpress, Wptravelengine | 2 Wordpress, Wp Travel Engine | 2026-06-26 | 7.5 High |
| Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions. | ||||
| CVE-2026-49104 | 2 Crm Perks, Wordpress | 2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.2.1 versions. | ||||
| CVE-2026-49109 | 2 Crmperks, Wordpress | 2 Integration For Salesforce And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.4.3 versions. | ||||
| CVE-2026-49766 | 2 Wordpress, Wpusermanager | 2 Wordpress, Wp User Manager | 2026-06-26 | 9.9 Critical |
| Subscriber Arbitrary File Deletion in WP User Manager <= 2.9.16 versions. | ||||