Search
Search Results (84270 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69175 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Line Agency <= 1.3.1 versions. | ||||
| CVE-2025-69135 | 2026-06-17 | 8.5 High | ||
| Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions. | ||||
| CVE-2026-39576 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions. | ||||
| CVE-2026-22328 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions. | ||||
| CVE-2026-40756 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Zoya <= 1.4 versions. | ||||
| CVE-2025-49403 | 2 Aa-team, Wordpress | 2 Premium Age Verification Restriction For Wordpress, Wordpress | 2026-06-17 | 7.5 High |
| Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress <= 3.0.2 versions. | ||||
| CVE-2025-69128 | 2026-06-17 | 8.6 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in EMV JobCareer allows Path Traversal. This issue affects JobCareer: from n/a through 7.3. | ||||
| CVE-2025-69120 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Dazzle <= 1.0.0 versions. | ||||
| CVE-2025-69140 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in SweetDate Core < 1.1.5 versions. | ||||
| CVE-2026-39523 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Solene Core <= 2.3.2 versions. | ||||
| CVE-2026-40720 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Royal Elementor Addons Pro < 1.7.1041 versions. | ||||
| CVE-2026-39546 | 2 Techspawn, Wordpress | 2 Multiloca, Wordpress | 2026-06-17 | 7.6 High |
| Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions. | ||||
| CVE-2026-54192 | 2 Ays-pro, Wordpress | 2 Popup Box, Wordpress | 2026-06-17 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Popup box <= 6.2.9 versions. | ||||
| CVE-2026-54195 | 2 Jetmonsters, Wordpress | 2 Jetformbuilder, Wordpress | 2026-06-17 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions. | ||||
| CVE-2026-54813 | 2026-06-17 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brainstorm Force SureDash allows Blind SQL Injection. This issue affects SureDash: from n/a through 1.8.0. | ||||
| CVE-2024-32949 | 2 Prince, Wordpress | 2 Integrate Google Drive, Wordpress | 2026-06-17 | 8.3 High |
| Missing Authorization vulnerability in Prince Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Integrate Google Drive: from n/a through 1.3.8. | ||||
| CVE-2025-58952 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Neuronet < 1.14.0 versions. | ||||
| CVE-2025-69138 | 2026-06-17 | 8.8 High | ||
| Subscriber Privilege Escalation in Genemy <= 1.6.6 versions. | ||||
| CVE-2025-69173 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions. | ||||
| CVE-2026-48967 | 2 Dylan Kuhn, Wordpress | 2 Geo Mashup, Wordpress | 2026-06-17 | 8.5 High |
| Subscriber SQL Injection in Geo Mashup <= 1.13.19 versions. | ||||