Export limit exceeded: 361356 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361356 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361356 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-48969 | 2 Really-simple-plugins, Wordpress | 2 Really Simple Ssl, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Broken Access Control in Really Simple SSL <= 9.5.9 versions. | ||||
| CVE-2025-64215 | 2 Stylemixthemes, Wordpress | 2 Masterstudy Lms, Wordpress | 2026-06-26 | 6.5 Medium |
| Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects MasterStudy LMS Pro: from n/a before 4.7.16. | ||||
| CVE-2023-4727 | 1 Redhat | 6 Certificate System Eus, Enterprise Linux, Rhel Aus and 3 more | 2026-06-26 | 7.5 High |
| A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege. | ||||
| CVE-2026-9691 | 2 Crm Perks, Wordpress | 2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 versions. | ||||
| CVE-2026-24637 | 2 Blubrry, Wordpress | 2 Powerpress Podcasting, Wordpress | 2026-06-26 | 8.5 High |
| Contributor SQL Injection in PowerPress Podcasting <= 11.15.10 versions. | ||||
| CVE-2026-27053 | 2 Videowhisper, Wordpress | 2 Broadcast Live Video, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Broadcast Live Video < 7.1.3 versions. | ||||
| CVE-2026-27407 | 2 Meowapps, Wordpress | 2 Ai Engine, Wordpress | 2026-06-26 | 7.2 High |
| Editor Privilege Escalation in AI Engine <= 3.4.9 versions. | ||||
| CVE-2026-39450 | 2 Funnelkit, Wordpress | 2 Funnelkit Automations, Wordpress | 2026-06-26 | 7.1 High |
| Subscriber Broken Authentication in FunnelKit Automations <= 3.7.3 versions. | ||||
| CVE-2026-39515 | 2 Stylemix, Wordpress | 2 Motors, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Broken Access Control in Motors < 1.4.107 versions. | ||||
| CVE-2026-39518 | 2 Theeventprime, Wordpress | 2 Eventprime, Wordpress | 2026-06-26 | 7.1 High |
| Subscriber Insecure Direct Object References (IDOR) in EventPrime <= 4.3.0.0 versions. | ||||
| CVE-2026-39524 | 2 Themegrill, Wordpress | 2 Masteriyo, Wordpress | 2026-06-26 | 7.5 High |
| Unauthenticated Broken Access Control in Masteriyo - LMS <= 2.1.5 versions. | ||||
| CVE-2026-39532 | 2 Stiofansisland, Wordpress | 2 Events Calendar For Geodirectory, Wordpress | 2026-06-26 | 8.8 High |
| Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions. | ||||
| CVE-2026-39534 | 2 Wordpress, Wpdirectorykit | 2 Wordpress, Wp Directory Kit | 2026-06-26 | 7.5 High |
| Unauthenticated Broken Access Control in WP Directory Kit <= 1.5.0 versions. | ||||
| CVE-2026-39583 | 2 Datalogics Ecommerce Delivery, Wordpress | 2 Datalogics Ecommerce Delivery, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery <= 2.6.62 versions. | ||||
| CVE-2026-40773 | 2 Rtcamp, Wordpress | 2 Rtmedia For Wordpress, Buddypress And Bbpress, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions. | ||||
| CVE-2026-40779 | 2 Wordpress, Ylefebvre | 2 Wordpress, Link Library | 2026-06-26 | 7.7 High |
| Contributor Arbitrary File Deletion in Link Library <= 7.8.8 versions. | ||||
| CVE-2026-40792 | 2 Iqonic, Wordpress | 2 Kivicare, Wordpress | 2026-06-26 | 6.3 Medium |
| Subscriber Insecure Direct Object References (IDOR) in KiviCare <= 4.2.1 versions. | ||||
| CVE-2026-40799 | 2 Replywp, Wordpress | 2 Simple Cloudfare Turnstile, Wordpress | 2026-06-26 | 5.8 Medium |
| Unauthenticated Broken Authentication in Simple Cloudflare Turnstile <= 1.38.0 versions. | ||||
| CVE-2026-42668 | 2 Omnisend, Wordpress | 2 Email Marketing For Woocommerce, Wordpress | 2026-06-26 | 7.5 High |
| Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend <= 1.18.0 versions. | ||||
| CVE-2026-42686 | 2 Theeventprime, Wordpress | 2 Eventprime, Wordpress | 2026-06-26 | 7.1 High |
| Subscriber Cross Site Scripting (XSS) in EventPrime <= 4.3.2.1 versions. | ||||