Search
Search Results (13703 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-54189 | 2 Jetimpex Inc., Wordpress | 2 Jetengine, Wordpress | 2026-06-20 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions. | ||||
| CVE-2026-54803 | 2 Cozyvision, Wordpress | 2 Sms Alert Order Notifications, Wordpress | 2026-06-20 | 9.8 Critical |
| Subscriber Privilege Escalation in SMS Alert Order Notifications <= 3.9.4 versions. | ||||
| CVE-2026-54804 | 2 Melhorenvio, Wordpress | 2 Melhor Envio, Wordpress | 2026-06-20 | 7.6 High |
| Subscriber Broken Authentication in Melhor Envio <= 2.16.3 versions. | ||||
| CVE-2026-54805 | 2 Sbouey, Wordpress | 2 Falang Multilanguage, Wordpress | 2026-06-20 | 8.8 High |
| Subscriber Privilege Escalation in Falang multilanguage <= 1.4.2 versions. | ||||
| CVE-2026-54807 | 2 Themegrill, Wordpress | 2 Registration Form For Woocommerce, Wordpress | 2026-06-20 | 9.8 Critical |
| Unauthenticated Privilege Escalation in Registration Form for WooCommerce <= 1.0.9 versions. | ||||
| CVE-2024-34810 | 2 Extend Themes, Wordpress | 2 Skyline Wp, Wordpress | 2026-06-20 | 4.3 Medium |
| Cross-Site request forgery (CSRF) vulnerability in Extend Themes Skyline WP allows Cross Site Request Forgery. This issue affects Skyline WP: from n/a through 1.0.10. | ||||
| CVE-2024-33685 | 2 Jegstudio, Wordpress | 2 Startupzy, Wordpress | 2026-06-20 | 4.3 Medium |
| Missing Authorization vulnerability in Jegstudio Startupzy startupzy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Startupzy: from n/a through 1.1.1. | ||||
| CVE-2024-31435 | 2 Inisev, Wordpress | 2 Social Media & Share Icons, Wordpress | 2026-06-20 | 4.3 Medium |
| : Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Social Media & Share Icons: from n/a through 2.8.6. | ||||
| CVE-2024-35648 | 2 Andy Moyle, Wordpress | 2 Emergency Password Reset, Wordpress | 2026-06-20 | 4.3 Medium |
| Cross-Site request forgery (CSRF) vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery. This issue affects Emergency Password Reset: from n/a through 8.0. | ||||
| CVE-2024-37210 | 2 Ali2woo, Wordpress | 2 Alinext, Wordpress | 2026-06-20 | 6.5 Medium |
| Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AliNext: from n/a through 3.3.5. | ||||
| CVE-2024-37496 | 2 Rara Themes, Wordpress | 2 Metro Magazine, Wordpress | 2026-06-20 | 4.3 Medium |
| Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Metro Magazine: from n/a through 1.3.7. | ||||
| CVE-2025-59554 | 2 Advanced Ads Gmbh, Wordpress | 2 Advanced Ads – Tracking, Wordpress | 2026-06-20 | 9.3 Critical |
| Unauthenticated SQL Injection in Advanced Ads – Tracking < 3.0.7 versions. | ||||
| CVE-2025-68524 | 2 Themegoods, Wordpress | 2 Avante, Wordpress | 2026-06-20 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5 versions. | ||||
| CVE-2025-69115 | 2 Themerex, Wordpress | 2 Luxmed | Medicine & Healthcare Doctor Wordpress Theme, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions. | ||||
| CVE-2025-69130 | 2 Themovation, Wordpress | 2 Entrepreneur - Booking For Small Businesses Wordpress Theme, Wordpress | 2026-06-20 | 8.8 High |
| Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions. | ||||
| CVE-2025-69144 | 2 Themerex, Wordpress | 2 Preservation, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in Preservation <= 1.10 versions. | ||||
| CVE-2025-69164 | 2 Themerex, Wordpress | 2 Skyward, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in Skyward <= 1.10 versions. | ||||
| CVE-2025-69170 | 2 Themerex, Wordpress | 2 Eventicity, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in Eventicity <= 1.5 versions. | ||||
| CVE-2025-69175 | 2 Themerex, Wordpress | 2 Line Agency, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in Line Agency <= 1.3.1 versions. | ||||
| CVE-2026-39445 | 2 Presslayouts, Wordpress | 2 Alukas, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions. | ||||