Search
Search Results (361783 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56030 | 2 Paytium, Wordpress | 2 Paytium, Wordpress | 2026-06-29 | 9.8 Critical |
| Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions. | ||||
| CVE-2026-56034 | 2 Owthub, Wordpress | 2 Library Management System, Wordpress | 2026-06-29 | 9.3 Critical |
| Unauthenticated SQL Injection in Library Management System <= 3.5.7 versions. | ||||
| CVE-2026-56046 | 2 Cridio, Wordpress | 2 Listingpro, Wordpress | 2026-06-29 | 6.5 Medium |
| Subscriber Cross Site Scripting (XSS) in ListingPro <= 2.9.11 versions. | ||||
| CVE-2026-56048 | 1 Wordpress | 2 Payment Gateway Based Fees And Discounts For Woocommerce, Wordpress | 2026-06-29 | 6.5 Medium |
| Unauthenticated Insecure Direct Object References (IDOR) in Payment Gateway Based Fees and Discounts for WooCommerce <= 3.0.0 versions. | ||||
| CVE-2026-56057 | 2 Uncannyowl, Wordpress | 2 Uncanny Automator, Wordpress | 2026-06-29 | 9.8 Critical |
| Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions. | ||||
| CVE-2026-56067 | 2 Jetimpex Inc., Wordpress | 2 Jetsmartfilters, Wordpress | 2026-06-29 | 9.3 Critical |
| Unauthenticated SQL Injection in JetSmartFilters <= 3.8.3 versions. | ||||
| CVE-2026-56068 | 2 Crocoblock, Wordpress | 2 Jetengine, Wordpress | 2026-06-29 | 9.3 Critical |
| Unauthenticated SQL Injection in JetEngine <= 3.8.10.2 versions. | ||||
| CVE-2026-57315 | 2 Creativethemes, Wordpress | 2 Blocksy Companion, Wordpress | 2026-06-29 | 8.5 High |
| Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.45 versions. | ||||
| CVE-2026-57431 | 2 Mer.vin, Wordpress | 2 Featured Image, Wordpress | 2026-06-29 | 6.5 Medium |
| Author Cross Site Scripting (XSS) in Featured Image <= 2.1 versions. | ||||
| CVE-2026-57628 | 2 Wordpress, Wpallimport | 2 Wordpress, Wp All Import | 2026-06-29 | 7.6 High |
| Administrator SQL Injection in WP All Import <= 4.0.1 versions. | ||||
| CVE-2026-57630 | 2 Creativethemes, Wordpress | 2 Blocksy Companion, Wordpress | 2026-06-29 | 5.3 Medium |
| Unauthenticated Insecure Direct Object References (IDOR) in Blocksy Companion Pro <= 2.1.46 versions. | ||||
| CVE-2026-57632 | 2 Omnisend, Wordpress | 2 Email Marketing For Woocommerce, Wordpress | 2026-06-29 | 5.4 Medium |
| Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend <= 1.19.0 versions. | ||||
| CVE-2026-57640 | 2 Stylemixthemes, Wordpress | 2 Masterstudy Lms, Wordpress | 2026-06-29 | 4.3 Medium |
| Subscriber Broken Access Control in MasterStudy LMS <= 3.7.30 versions. | ||||
| CVE-2026-57641 | 2 Contempothemes, Wordpress | 2 Real Estate 7, Wordpress | 2026-06-29 | 6.5 Medium |
| Unauthenticated Cross Site Request Forgery (CSRF) in Real Estate 7 <= 3.5.9 versions. | ||||
| CVE-2026-57645 | 2 Tribulant, Wordpress | 2 Newsletters, Wordpress | 2026-06-29 | 8.1 High |
| newsletters_subscribers Broken Access Control in Newsletters <= 4.13 versions. | ||||
| CVE-2026-57649 | 2 Studiowombat, Wordpress | 2 Shoppable Images, Wordpress | 2026-06-29 | 4.3 Medium |
| Subscriber Broken Access Control in Shoppable Images Lite <= 1.3 versions. | ||||
| CVE-2026-57660 | 2 Magepeople, Wordpress | 2 Booking & Rental Manager, Wordpress | 2026-06-29 | 5.3 Medium |
| Unauthenticated Broken Access Control in Booking and Rental Manager <= 2.7.1 versions. | ||||
| CVE-2026-57663 | 2 Really-simple-plugins, Wordpress | 2 Recipe Maker For Your Food Blog From Zip Recipes, Wordpress | 2026-06-29 | 8.5 High |
| Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes <= 8.2.7 versions. | ||||
| CVE-2026-21734 | 1 Imaginationtech | 1 Graphics Ddk | 2026-06-29 | 7.7 High |
| A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An edge case using a very small value in GPU shader code can cause a segmentation fault in the GPU shader compiler due to am out-of-bounds write. | ||||
| CVE-2026-5757 | 1 Ollama | 1 Ollama | 2026-06-29 | 7.5 High |
| Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence. | ||||