Export limit exceeded: 365200 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365200 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-57385 | 2 Appsbd, Wordpress | 2 Vitepos, Wordpress | 2026-07-13 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in appsbd Vitepos vitepos-lite allows Blind SQL Injection.This issue affects Vitepos: from n/a through <= 3.4.2. | ||||
| CVE-2026-57363 | 2 Quantumcloud, Wordpress | 2 Chatbot, Wordpress | 2026-07-13 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud ChatBot chatbot allows Stored XSS.This issue affects ChatBot: from n/a through <= 8.3.7. | ||||
| CVE-2026-57727 | 2 Themeum, Wordpress | 2 Kirki, Wordpress | 2026-07-13 | 7.5 High |
| Missing Authorization vulnerability in Themeum Kirki kirki allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kirki: from n/a through <= 6.0.13. | ||||
| CVE-2026-57372 | 2 Denishua, Wordpress | 2 Wpjam Basic, Wordpress | 2026-07-13 | 7.2 High |
| Server-Side Request Forgery (SSRF) vulnerability in denishua WPJAM Basic wpjam-basic allows Server Side Request Forgery.This issue affects WPJAM Basic: from n/a through <= 7.0. | ||||
| CVE-2026-57709 | 2 Wordpress, Wpswings | 2 Wordpress, Membership For Woocommerce | 2026-07-13 | 8.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Path Traversal.This issue affects Membership For WooCommerce: from n/a through <= 3.1.0. | ||||
| CVE-2026-57698 | 2 Villatheme, Wordpress | 2 Abandoned Cart Recovery For Woocommerce, Wordpress | 2026-07-13 | 6.5 Medium |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery allows Authentication Abuse.This issue affects Abandoned Cart Recovery for WooCommerce: from n/a through <= 1.1.12. | ||||
| CVE-2026-57668 | 2026-07-13 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Stored XSS.This issue affects NEX-Forms: from n/a through <= 9.2.2. | ||||
| CVE-2026-57419 | 2 Fahadmahmood8, Wordpress | 2 Stock Locations For Woocommerce, Wordpress | 2026-07-13 | 6.5 Medium |
| Missing Authorization vulnerability in Fahad Mahmood Stock Locations for WooCommerce stock-locations-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stock Locations for WooCommerce: from n/a through <= 3.1.8. | ||||
| CVE-2026-57394 | 2026-07-13 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Newsletters newsletters-lite allows Reflected XSS.This issue affects Newsletters: from n/a through <= 4.14. | ||||
| CVE-2026-57388 | 2 Themefic, Wordpress | 2 Hydra Booking, Wordpress | 2026-07-13 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Hydra Booking hydra-booking allows Stored XSS.This issue affects Hydra Booking: from n/a through <= 1.1.44. | ||||
| CVE-2026-57381 | 2 Propertyhive, Wordpress | 2 Propertyhive, Wordpress | 2026-07-13 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Property Hive PropertyHive propertyhive allows Reflected XSS.This issue affects PropertyHive: from n/a through <= 2.2.3. | ||||
| CVE-2026-57401 | 2 Brainstorm Force, Wordpress | 2 Suredash, Wordpress | 2026-07-13 | 9.9 Critical |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force SureDash suredash allows Path Traversal.This issue affects SureDash: from n/a through <= 1.8.0. | ||||
| CVE-2026-57375 | 2 Fluxbuilder, Wordpress | 2 Mstore Api, Wordpress | 2026-07-13 | 6.5 Medium |
| Missing Authorization vulnerability in FluxBuilder MStore API mstore-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MStore API: from n/a through <= 4.18.4. | ||||
| CVE-2026-57398 | 2026-07-13 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace Real Estate Manager Pro real-estate-manager-pro allows Reflected XSS.This issue affects Real Estate Manager Pro: from n/a through <= 12.8.3. | ||||
| CVE-2026-61976 | 2026-07-13 | 5.3 Medium | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Retrieve Embedded Sensitive Data.This issue affects JetBlocks For Elementor: from n/a through <= 1.5.0. | ||||
| CVE-2022-4989 | 1 Asus | 1 Ai Suite 3 | 2026-07-13 | N/A |
| ** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation. | ||||
| CVE-2026-57773 | 2 Wordpress, Zorem | 2 Wordpress, Advanced Shipment Tracking For Woocommerce | 2026-07-13 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zorem Advanced Shipment Tracking for WooCommerce woo-advanced-shipment-tracking allows Blind SQL Injection.This issue affects Advanced Shipment Tracking for WooCommerce: from n/a through <= 4.0. | ||||
| CVE-2026-57410 | 2 Mailerpress Team, Wordpress | 2 Mailerpress, Wordpress | 2026-07-13 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in MailerPress Team MailerPress mailerpress allows Privilege Escalation.This issue affects MailerPress: from n/a through <= 2.0.2. | ||||
| CVE-2026-57380 | 2 Hupe13, Wordpress | 2 Extensions For Leaflet Map, Wordpress | 2026-07-13 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through <= 5.1. | ||||
| CVE-2026-57416 | 2 Siteground, Wordpress | 2 Email-marketing, Wordpress | 2026-07-13 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SiteGround SiteGround Email Marketing siteground-email-marketing allows Stored XSS.This issue affects SiteGround Email Marketing: from n/a through <= 1.7.5. | ||||