Search
Search Results (84269 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-41557 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions. | ||||
| CVE-2026-42629 | 2026-06-17 | 8.8 High | ||
| Unauthenticated Broken Authentication in PowerPack Pro for Elementor < v2.13.0 versions. | ||||
| CVE-2024-32729 | 2 Quantumcloud, Wordpress | 2 Conversational Forms For Chatbot, Wordpress | 2026-06-17 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal. This issue affects Conversational Forms for ChatBot: from n/a through 1.1.8. | ||||
| CVE-2026-40765 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in collectchat <= 2.4.9 versions. | ||||
| CVE-2025-58953 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Joly <= 1.22.0 versions. | ||||
| CVE-2025-69115 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions. | ||||
| CVE-2025-69130 | 2026-06-17 | 8.8 High | ||
| Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions. | ||||
| CVE-2025-69166 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Gunslinger <= 1.7 versions. | ||||
| CVE-2026-40768 | 2026-06-17 | 7.3 High | ||
| Unauthenticated Insecure Direct Object References (IDOR) in Salon booking system <= 10.30.24 versions. | ||||
| CVE-2026-39445 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions. | ||||
| CVE-2026-39590 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Atomlab <= 2.4.5 versions. | ||||
| CVE-2026-40735 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Reina <= 2.1 versions. | ||||
| CVE-2026-40757 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Château <= 1.2.1 versions. | ||||
| CVE-2026-40721 | 2026-06-17 | 7.5 High | ||
| Contributor Local File Inclusion in Element Pack Pro <= 9.0.6 versions. | ||||
| CVE-2026-39582 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Hitek < 1.8.3 versions. | ||||
| CVE-2026-39573 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions. | ||||
| CVE-2025-60223 | 2026-06-17 | 7.7 High | ||
| Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot <= 13.6.5 versions. | ||||
| CVE-2026-39559 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Uppercase < 1.2.2 versions. | ||||
| CVE-2025-31013 | 2026-06-17 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Folo allows Reflected XSS. This issue affects Themify Folo: from n/a through 1.9.6. | ||||
| CVE-2025-69123 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Snow Club <= 1.1 versions. | ||||