Search
Search Results (359644 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-40748 | 2 Themagnifico52, Wordpress | 2 Kids Gift Shop, Wordpress | 2026-06-20 | 9.9 Critical |
| Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4 versions. | ||||
| CVE-2026-40749 | 2 Themagnifico52, Wordpress | 2 Charity Zone, Wordpress | 2026-06-20 | 9.9 Critical |
| Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions. | ||||
| CVE-2026-40753 | 2 Mikado-themes, Wordpress | 2 Easymeals, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions. | ||||
| CVE-2026-40765 | 2 Collectchat, Wordpress | 2 Collectchat, Wordpress | 2026-06-20 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in collectchat <= 2.4.9 versions. | ||||
| CVE-2026-40768 | 2 Dimitri Grassi, Wordpress | 2 Salon Booking System, Wordpress | 2026-06-20 | 7.3 High |
| Unauthenticated Insecure Direct Object References (IDOR) in Salon booking system <= 10.30.24 versions. | ||||
| CVE-2026-41557 | 2 Presslayouts, Wordpress | 2 Kapee, Wordpress | 2026-06-20 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions. | ||||
| CVE-2026-42380 | 2 Jwsthemes, Wordpress | 2 Ai Lab, Wordpress | 2026-06-20 | 9.8 Critical |
| Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions. | ||||
| CVE-2026-48875 | 2 Jetimpex Inc., Wordpress | 2 Jetsmartfilters, Wordpress | 2026-06-20 | 9.3 Critical |
| Unauthenticated SQL Injection in JetSmartFilters <= 3.8.1 versions. | ||||
| CVE-2026-49058 | 2 Loginpress, Wordpress | 2 Loginpress Pro, Wordpress | 2026-06-20 | 9.8 Critical |
| Unauthenticated Privilege Escalation in LoginPress Pro <= 6.2.2 versions. | ||||
| CVE-2026-49072 | 2 Opmc, Wordpress | 2 Woocommerce Anti-fraud, Wordpress | 2026-06-20 | 6.5 Medium |
| Unauthenticated Broken Access Control in WooCommerce Anti-Fraud <= 7.2.6 versions. | ||||
| CVE-2026-49074 | 2 Jetimpex Inc., Wordpress | 2 Jetengine, Wordpress | 2026-06-20 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.9.1 versions. | ||||
| CVE-2026-49075 | 2 Jetimpex Inc., Wordpress | 2 Jetengine, Wordpress | 2026-06-20 | 9.8 Critical |
| Contributor PHP Object Injection in JetEngine <= 3.8.9.1 versions. | ||||
| CVE-2026-49076 | 2 Jetimpex Inc., Wordpress | 2 Jetengine, Wordpress | 2026-06-20 | 9.3 Critical |
| Unauthenticated SQL Injection in JetEngine <= 3.8.9.1 versions. | ||||
| CVE-2026-49079 | 2 Jetimpex Inc., Wordpress | 2 Jetsearch, Wordpress | 2026-06-20 | 9.3 Critical |
| Unauthenticated SQL Injection in JetSearch <= 3.5.17 versions. | ||||
| CVE-2026-49081 | 2 Themegrill, Wordpress | 2 User Registration Stripe, Wordpress | 2026-06-20 | 8.2 High |
| Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.12 versions. | ||||
| CVE-2026-49084 | 2 Jetimpex Inc., Wordpress | 2 Jetengine, Wordpress | 2026-06-20 | 9.3 Critical |
| Unauthenticated SQL Injection in JetEngine < 3.8.9.1 versions. | ||||
| CVE-2026-52696 | 2 Jetimpex Inc., Wordpress | 2 Jetblog, Wordpress | 2026-06-20 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in JetBlog <= 2.4.8 versions. | ||||
| CVE-2026-52698 | 2 Syed Balkhi, Wordpress | 2 Pushengage – Web Push Notifications, Ecommerce Automation & Chat Widget, Wordpress | 2026-06-20 | 7.4 High |
| Subscriber Sensitive Data Exposure in PushEngage – Web Push Notifications, eCommerce Automation & Chat Widget <= 4.2.3 versions. | ||||
| CVE-2026-52705 | 2 Bdthemes, Wordpress | 2 Sigmaforms Pro – Ai Generated Forms, Wordpress | 2026-06-20 | 9 Critical |
| Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms <= 1.4.5 versions. | ||||
| CVE-2026-52706 | 2 Jetimpex Inc., Wordpress | 2 Jetengine, Wordpress | 2026-06-20 | 9.8 Critical |
| Unauthenticated PHP Object Injection in JetEngine <= 3.8.10 versions. | ||||