Export limit exceeded: 361326 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361326 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-40773 | 2 Rtcamp, Wordpress | 2 Rtmedia For Wordpress, Buddypress And Bbpress, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions. | ||||
| CVE-2026-40779 | 2 Wordpress, Ylefebvre | 2 Wordpress, Link Library | 2026-06-26 | 7.7 High |
| Contributor Arbitrary File Deletion in Link Library <= 7.8.8 versions. | ||||
| CVE-2026-40792 | 2 Iqonic, Wordpress | 2 Kivicare, Wordpress | 2026-06-26 | 6.3 Medium |
| Subscriber Insecure Direct Object References (IDOR) in KiviCare <= 4.2.1 versions. | ||||
| CVE-2026-40799 | 2 Replywp, Wordpress | 2 Simple Cloudfare Turnstile, Wordpress | 2026-06-26 | 5.8 Medium |
| Unauthenticated Broken Authentication in Simple Cloudflare Turnstile <= 1.38.0 versions. | ||||
| CVE-2026-42668 | 2 Omnisend, Wordpress | 2 Email Marketing For Woocommerce, Wordpress | 2026-06-26 | 7.5 High |
| Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend <= 1.18.0 versions. | ||||
| CVE-2026-42686 | 2 Theeventprime, Wordpress | 2 Eventprime, Wordpress | 2026-06-26 | 7.1 High |
| Subscriber Cross Site Scripting (XSS) in EventPrime <= 4.3.2.1 versions. | ||||
| CVE-2026-42687 | 2 Theeventprime, Wordpress | 2 Eventprime, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in EventPrime <= 4.3.2.1 versions. | ||||
| CVE-2026-42743 | 2 Themegrill, Wordpress | 2 Masteriyo, Wordpress | 2026-06-26 | 6.5 Medium |
| Unauthenticated Broken Authentication in Masteriyo - LMS <= 2.1.8 versions. | ||||
| CVE-2026-45437 | 2 Brthumar1959, Wordpress | 2 Product Filter Widget For Elementor, Wordpress | 2026-06-26 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Product Filter Widget for Elementor <= 1.0.6 versions. | ||||
| CVE-2026-45441 | 2 Magepeopleteam, Wordpress | 2 Wpevently, Wordpress | 2026-06-26 | 7.5 High |
| Unauthenticated Other Vulnerability Type in WpEvently <= 5.3.3 versions. | ||||
| CVE-2026-48878 | 2 Bootstrapped, Wordpress | 2 Visual Link Preview, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.4.1 versions. | ||||
| CVE-2026-49043 | 2 Wordpress, Wpengine | 2 Wordpress, Wp Migrate | 2026-06-26 | 4.7 Medium |
| Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions. | ||||
| CVE-2026-49078 | 2 Wordpress, Wptravelengine | 2 Wordpress, Wp Travel Engine | 2026-06-26 | 7.5 High |
| Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions. | ||||
| CVE-2026-49104 | 2 Crm Perks, Wordpress | 2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.2.1 versions. | ||||
| CVE-2026-49109 | 2 Crmperks, Wordpress | 2 Integration For Salesforce And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.4.3 versions. | ||||
| CVE-2026-49766 | 2 Wordpress, Wpusermanager | 2 Wordpress, Wp User Manager | 2026-06-26 | 9.9 Critical |
| Subscriber Arbitrary File Deletion in WP User Manager <= 2.9.16 versions. | ||||
| CVE-2026-49770 | 2 Wordpress, Wptravelengine | 2 Wordpress, Wp Travel Engine | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in WP Travel Engine <= 6.7.12 versions. | ||||
| CVE-2026-49775 | 2 Welcart, Wordpress | 2 Welcart E-commerce, Wordpress | 2026-06-26 | 6.5 Medium |
| Unauthenticated Broken Access Control in Welcart e-Commerce <= 2.11.28 versions. | ||||
| CVE-2026-49776 | 2 John-dagelmore, Wordpress | 2 Gptranslate – Multilingual Ai Translation For Wordpress: Automatically Translate Websites, Wordpress | 2026-06-26 | 9.3 Critical |
| Unauthenticated SQL Injection in GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites <= 2.32.6 versions. | ||||
| CVE-2026-52703 | 2 Ninjateam, Wordpress | 2 Fastdup, Wordpress | 2026-06-26 | 9.6 Critical |
| Unauthenticated Path Traversal in FastDup <= 2.7.2 versions. | ||||