Export limit exceeded: 358241 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (358241 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-49109 | 2026-06-15 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.4.3 versions. | ||||
| CVE-2026-49106 | 2026-06-15 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in Integration for Contact Form 7 and Constant Contact <= 1.1.6 versions. | ||||
| CVE-2026-49104 | 2026-06-15 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.2.1 versions. | ||||
| CVE-2026-49085 | 2026-06-15 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.1.4 versions. | ||||
| CVE-2026-49083 | 2026-06-15 | 7.5 High | ||
| Contributor Privilege Escalation in LatePoint <= 5.5.1 versions. | ||||
| CVE-2026-49082 | 2026-06-15 | 7.4 High | ||
| Subscriber Sensitive Data Exposure in Chatway Live Chat – AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & Chat Buttons <= 1.4.8 versions. | ||||
| CVE-2026-49078 | 2026-06-15 | 7.5 High | ||
| Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions. | ||||
| CVE-2026-49068 | 2026-06-15 | 7.5 High | ||
| Subscriber Sensitive Data Exposure in Coupon Affiliates <= 7.8.1 versions. | ||||
| CVE-2026-49067 | 2026-06-15 | 9.3 Critical | ||
| Unauthenticated SQL Injection in Advanced 301 and 302 Redirect <= 1.6.9 versions. | ||||
| CVE-2026-49066 | 2026-06-15 | 7.5 High | ||
| Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions. | ||||
| CVE-2026-49065 | 2026-06-15 | 8.2 High | ||
| Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce <= 1.9.5 versions. | ||||
| CVE-2026-49063 | 2026-06-15 | 7.3 High | ||
| Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions. | ||||
| CVE-2026-49056 | 2026-06-15 | 7.5 High | ||
| Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.9.4 versions. | ||||
| CVE-2026-49055 | 2026-06-15 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.9.7 versions. | ||||
| CVE-2026-49043 | 2026-06-15 | 4.7 Medium | ||
| Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions. | ||||
| CVE-2026-48970 | 2026-06-15 | 8.1 High | ||
| Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions. | ||||
| CVE-2026-48966 | 2026-06-15 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Funnel Builder by FunnelKit <= 3.15.0.2 versions. | ||||
| CVE-2026-48964 | 2026-06-15 | 8.5 High | ||
| Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.6 versions. | ||||
| CVE-2026-48889 | 2026-06-15 | 8.8 High | ||
| Subscriber Privilege Escalation in Amelia <= 2.3 versions. | ||||
| CVE-2026-48887 | 2026-06-15 | 6.5 Medium | ||
| Unauthenticated Broken Access Control in JS Help Desk <= 3.0.9 versions. | ||||