Search Results (85552 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-54185 2 Themeco, Wordpress 2 Cornerstone, Wordpress 2026-06-20 8.5 High
Subscriber SQL Injection in Cornerstone < 7.8.8 versions.
CVE-2026-54188 2 Jetimpex Inc., Wordpress 2 Jetengine, Wordpress 2026-06-20 7.1 High
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions.
CVE-2026-54189 2 Jetimpex Inc., Wordpress 2 Jetengine, Wordpress 2026-06-20 7.1 High
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions.
CVE-2026-54804 2 Melhorenvio, Wordpress 2 Melhor Envio, Wordpress 2026-06-20 7.6 High
Subscriber Broken Authentication in Melhor Envio <= 2.16.3 versions.
CVE-2026-54805 2 Sbouey, Wordpress 2 Falang Multilanguage, Wordpress 2026-06-20 8.8 High
Subscriber Privilege Escalation in Falang multilanguage <= 1.4.2 versions.
CVE-2025-68524 2 Themegoods, Wordpress 2 Avante, Wordpress 2026-06-20 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5 versions.
CVE-2025-69115 2 Themerex, Wordpress 2 Luxmed | Medicine & Healthcare Doctor Wordpress Theme, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions.
CVE-2025-69130 2 Themovation, Wordpress 2 Entrepreneur - Booking For Small Businesses Wordpress Theme, Wordpress 2026-06-20 8.8 High
Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions.
CVE-2025-69144 2 Themerex, Wordpress 2 Preservation, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Preservation <= 1.10 versions.
CVE-2025-69164 2 Themerex, Wordpress 2 Skyward, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Skyward <= 1.10 versions.
CVE-2025-69170 2 Themerex, Wordpress 2 Eventicity, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Eventicity <= 1.5 versions.
CVE-2025-69175 2 Themerex, Wordpress 2 Line Agency, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Line Agency <= 1.3.1 versions.
CVE-2026-39445 2 Presslayouts, Wordpress 2 Alukas, Wordpress 2026-06-20 8.1 High
Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions.
CVE-2026-39559 2 Codesupplyco, Wordpress 2 Uppercase, Wordpress 2026-06-20 8.1 High
Unauthenticated Local File Inclusion in Uppercase < 1.2.2 versions.
CVE-2026-40738 2 Edge-themes, Wordpress 2 Eldon, Wordpress 2026-06-20 8.1 High
Unauthenticated PHP Object Injection in Eldon <= 1.4.1 versions.
CVE-2026-40752 2 Select-themes, Wordpress 2 Manufaktur Solutions, Wordpress 2026-06-20 8.1 High
Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions.
CVE-2025-69128 2 Emv, Wordpress 2 Jobcareer, Wordpress 2026-06-20 8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in EMV JobCareer allows Path Traversal. This issue affects JobCareer: from n/a through 7.3.
CVE-2025-69189 2 Emv, Wordpress 2 Jobbank, Wordpress 2026-06-20 7.3 High
Missing Authorization vulnerability in EMV JobBank allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobBank: from n/a through 1.2.3.
CVE-2026-54810 2 Nexi Payments, Wordpress 2 Nexi Xpay, Wordpress 2026-06-20 7.5 High
Missing Authorization vulnerability in Nexi Payments Nexi XPay allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexi XPay: from n/a through 8.3.1.
CVE-2025-71322 2 Mmaitre314, Picklescan 2 Picklescan, Picklescan 2026-06-20 8.8 High
PickleScan before 0.0.33 fails to include the pty.spawn function in its unsafe globals list, allowing attackers to bypass security checks. Malicious actors can craft pickle payloads using pty.spawn to achieve arbitrary code execution when files are processed by PickleScan.