Search
Search Results (13704 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-42384 | 2 Nsquared, Wordpress | 2 Simply Schedule Appointments, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in Simply Schedule Appointments < 1.6.11.2 versions. | ||||
| CVE-2026-49110 | 2 Wordpress, Wp Swings | 2 Wordpress, Upsell Order Bump Offer For Woocommerce | 2026-06-16 | 7.5 High |
| Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce <= 3.1.4 versions. | ||||
| CVE-2026-39491 | 2 Artbees, Wordpress | 2 Jupiter X Core, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Cross Site Scripting (XSS) in JupiterX Core <= 4.14.1 versions. | ||||
| CVE-2026-48870 | 2 Kingaddons, Wordpress | 2 King Addons For Elementor, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Cross Site Scripting (XSS) in King Addons for Elementor <= 51.1.62 versions. | ||||
| CVE-2026-39512 | 2 Paolo, Wordpress | 2 Geodirectory, Wordpress | 2026-06-16 | 9.3 Critical |
| Unauthenticated SQL Injection in GeoDirectory <= 2.8.152 versions. | ||||
| CVE-2026-40762 | 2 Wordpress, Wpgraphql | 2 Wordpress, Wpgraphql | 2026-06-16 | 7.5 High |
| Unauthenticated SQL Injection in WPGraphQL < 2.11.1 versions. | ||||
| CVE-2026-39480 | 2 Inisev, Wordpress | 2 Backup Migration, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in Backup Migration <= 2.1.1 versions. | ||||
| CVE-2026-39503 | 2 Awesomemotive, Wordpress | 2 Easy Digital Downloads, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Broken Access Control in Easy Digital Downloads <= 3.6.5 versions. | ||||
| CVE-2026-39447 | 2 Nsquared, Wordpress | 2 Simply Schedule Appointments, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Simply Schedule Appointments <= 1.6.10.6 versions. | ||||
| CVE-2026-34900 | 2 Liquid Web / Stellarwp, Wordpress | 2 Givewp, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in GiveWP <= 4.14.2 versions. | ||||
| CVE-2026-23970 | 2 Themeisle, Wordpress | 2 Redirection For Contact Form 7, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Redirection for Contact Form 7 <= 3.2.8 versions. | ||||
| CVE-2026-27333 | 2 Videowhisper.com, Wordpress | 2 Paid Videochat Turnkey Site, Wordpress | 2026-06-16 | 8.1 High |
| Unauthenticated Deserialization of untrusted data in Paid Videochat Turnkey Site <= 7.3.23 versions. | ||||
| CVE-2026-48873 | 2 Montonio, Wordpress | 2 Montonio For Woocommerce, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Broken Access Control in Montonio for WooCommerce <= 10.1.2 versions. | ||||
| CVE-2026-48872 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Embedpress | 2026-06-16 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in EmbedPress <= 4.5.2 versions. | ||||
| CVE-2026-42661 | 2 Aguilatechnologies, Wordpress | 2 Wp Customer Area, Wordpress | 2026-06-16 | 8.8 High |
| Custom role Path Traversal in WP Customer Area <= 8.3.4 versions. | ||||
| CVE-2026-40732 | 2 Rainafarai, Wordpress | 2 Notification For Telegram, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Notification for Telegram <= 3.5 versions. | ||||
| CVE-2026-41556 | 2 Properfraction, Wordpress | 2 Profilepress, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Cross Site Scripting (XSS) in ProfilePress <= 4.16.13 versions. | ||||
| CVE-2026-48838 | 2 Wordpress, Wpexperts | 2 Wordpress, Post Smtp | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Post SMTP <= 3.6.2 versions. | ||||
| CVE-2025-59133 | 2 Projectopia, Wordpress | 2 Projectopia, Wordpress | 2026-06-16 | 7.5 High |
| Custom role Insecure Direct Object References (IDOR) in Projectopia <= 5.1.25.2 versions. | ||||
| CVE-2026-27089 | 2 Magepeople, Wordpress | 2 Wptravelly, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Bypass Vulnerability in WpTravelly <= 2.1.7 versions. | ||||