Search
Search Results (13154 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-27333 | 2 Videowhisper.com, Wordpress | 2 Paid Videochat Turnkey Site, Wordpress | 2026-06-16 | 8.1 High |
| Unauthenticated Deserialization of untrusted data in Paid Videochat Turnkey Site <= 7.3.23 versions. | ||||
| CVE-2026-48873 | 2 Montonio, Wordpress | 2 Montonio For Woocommerce, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Broken Access Control in Montonio for WooCommerce <= 10.1.2 versions. | ||||
| CVE-2026-48872 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Embedpress | 2026-06-16 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in EmbedPress <= 4.5.2 versions. | ||||
| CVE-2026-42661 | 2 Aguilatechnologies, Wordpress | 2 Wp Customer Area, Wordpress | 2026-06-16 | 8.8 High |
| Custom role Path Traversal in WP Customer Area <= 8.3.4 versions. | ||||
| CVE-2026-40732 | 2 Rainafarai, Wordpress | 2 Notification For Telegram, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Notification for Telegram <= 3.5 versions. | ||||
| CVE-2026-41556 | 2 Properfraction, Wordpress | 2 Profilepress, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Cross Site Scripting (XSS) in ProfilePress <= 4.16.13 versions. | ||||
| CVE-2026-48838 | 2 Wordpress, Wpexperts | 2 Wordpress, Post Smtp | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Post SMTP <= 3.6.2 versions. | ||||
| CVE-2025-59133 | 2 Projectopia, Wordpress | 2 Projectopia, Wordpress | 2026-06-16 | 7.5 High |
| Custom role Insecure Direct Object References (IDOR) in Projectopia <= 5.1.25.2 versions. | ||||
| CVE-2026-27089 | 2 Magepeople, Wordpress | 2 Wptravelly, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Bypass Vulnerability in WpTravelly <= 2.1.7 versions. | ||||
| CVE-2026-39465 | 2 Metaslider, Wordpress | 2 Responsive Slider By Metaslider, Wordpress | 2026-06-16 | 9.1 Critical |
| Editor Remote Code Execution (RCE) in Responsive Slider by MetaSlider <= 3.106.0 versions. | ||||
| CVE-2026-39493 | 2 Nsquared, Wordpress | 2 Simply Schedule Appointments, Wordpress | 2026-06-16 | 9.3 Critical |
| Unauthenticated SQL Injection in Simply Schedule Appointments <= 1.6.9.27 versions. | ||||
| CVE-2026-40743 | 2 Themeum, Wordpress | 2 Tutor Lms, Wordpress | 2026-06-16 | 6.5 Medium |
| Unauthenticated Broken Access Control in Tutor LMS <= 3.9.7 versions. | ||||
| CVE-2026-39490 | 2 Artbees, Wordpress | 2 Jupiter X Core, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Broken Access Control in JupiterX Core <= 4.14.1 versions. | ||||
| CVE-2026-49106 | 2 Crmperks, Wordpress | 2 Integration For Contact Form 7 And Constant Contact, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for Contact Form 7 and Constant Contact <= 1.1.6 versions. | ||||
| CVE-2026-49765 | 2 Crm Perks, Wordpress | 2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.8 versions. | ||||
| CVE-2026-39581 | 2 Activity-log.com, Wordpress | 2 Wp Sessions Time Monitoring Full Automatic, Wordpress | 2026-06-16 | 8.5 High |
| Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic <= 1.1.4 versions. | ||||
| CVE-2026-49085 | 2 Crmperks, Wordpress | 2 Wp Insightly For Contact Form 7, Wpforms, Elementor, Formidable And Ninja Forms, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.1.4 versions. | ||||
| CVE-2026-49781 | 2 Brainstorm Force, Wordpress | 2 Ottokit, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in OttoKit <= 1.1.27 versions. | ||||
| CVE-2026-48885 | 2 Groundhogg, Wordpress | 2 Hollerbox, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in HollerBox <= 2.3.10.1 versions. | ||||
| CVE-2026-40790 | 2 Veronalabs, Wordpress | 2 Wp Sms, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Sensitive Data Exposure in WP SMS <= 7.2.1 versions. | ||||