Search
Search Results (359657 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22342 | 2 Premiumpress Limited., Wordpress | 2 Wordpress Dating Theme, Wordpress | 2026-06-20 | 8.8 High |
| Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions. | ||||
| CVE-2026-22343 | 2 Premiumpress Limited., Wordpress | 2 Wordpress Dating Theme, Wordpress | 2026-06-20 | 8.6 High |
| Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions. | ||||
| CVE-2026-27041 | 2 Studio Keren Aga Ltd., Wordpress | 2 Unlimited Elements For Elementor (premium), Wordpress | 2026-06-20 | 9.9 Critical |
| Contributor Arbitrary File Upload in Unlimited Elements for Elementor (Premium) <= 2.0.6 versions. | ||||
| CVE-2026-27400 | 2 Ovatheme, Wordpress | 2 Bookpro, Wordpress | 2026-06-20 | 8.6 High |
| Unauthenticated Arbitrary File Deletion in BookPro <= 1.1.0 versions. | ||||
| CVE-2026-39545 | 2 Select-themes, Wordpress | 2 Zermatt, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in Zermatt <= 1.6.1 versions. | ||||
| CVE-2026-39573 | 2 Select-themes, Wordpress | 2 Mildhill, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions. | ||||
| CVE-2026-39582 | 2 Wordpress, Xtemos | 2 Wordpress, Hitek | 2026-06-20 | 8.1 High |
| Unauthenticated Local File Inclusion in Hitek < 1.8.3 versions. | ||||
| CVE-2026-39589 | 2 A Wp Life, Wordpress | 2 Webenvo, Wordpress | 2026-06-20 | 9.9 Critical |
| Subscriber Arbitrary File Upload in Webenvo <= 0.0.6 versions. | ||||
| CVE-2026-40724 | 2 Client Portal Ltd., Wordpress | 2 Client Portal (pro), Wordpress | 2026-06-20 | 6.5 Medium |
| CP Client Arbitrary File Download in Client Portal (Pro) <= 5.6.2 versions. | ||||
| CVE-2026-40725 | 2 Barn2 Media Ltd, Wordpress | 2 Woocommerce Product Filters, Wordpress | 2026-06-20 | 9.8 Critical |
| Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions. | ||||
| CVE-2026-40726 | 2 Themegrill, Wordpress | 2 User Registration Stripe, Wordpress | 2026-06-20 | 8.2 High |
| Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.14 versions. | ||||
| CVE-2026-40746 | 2 Themagnifico52, Wordpress | 2 Restaurant Zone, Wordpress | 2026-06-20 | 9.9 Critical |
| Subscriber Arbitrary File Upload in Restaurant Zone <= 0.7.8 versions. | ||||
| CVE-2026-40747 | 2 Themagnifico52, Wordpress | 2 Ecommerce Zone, Wordpress | 2026-06-20 | 9.9 Critical |
| Subscriber Arbitrary File Upload in Ecommerce Zone <= 0.9.7 versions. | ||||
| CVE-2026-40748 | 2 Themagnifico52, Wordpress | 2 Kids Gift Shop, Wordpress | 2026-06-20 | 9.9 Critical |
| Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4 versions. | ||||
| CVE-2026-40749 | 2 Themagnifico52, Wordpress | 2 Charity Zone, Wordpress | 2026-06-20 | 9.9 Critical |
| Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions. | ||||
| CVE-2026-40753 | 2 Mikado-themes, Wordpress | 2 Easymeals, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions. | ||||
| CVE-2026-40765 | 2 Collectchat, Wordpress | 2 Collectchat, Wordpress | 2026-06-20 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in collectchat <= 2.4.9 versions. | ||||
| CVE-2026-40768 | 2 Dimitri Grassi, Wordpress | 2 Salon Booking System, Wordpress | 2026-06-20 | 7.3 High |
| Unauthenticated Insecure Direct Object References (IDOR) in Salon booking system <= 10.30.24 versions. | ||||
| CVE-2026-41557 | 2 Presslayouts, Wordpress | 2 Kapee, Wordpress | 2026-06-20 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions. | ||||
| CVE-2026-42380 | 2 Jwsthemes, Wordpress | 2 Ai Lab, Wordpress | 2026-06-20 | 9.8 Critical |
| Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions. | ||||