Search
Search Results (359330 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-41557 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions. | ||||
| CVE-2024-35648 | 2026-06-17 | 4.3 Medium | ||
| Cross-Site request forgery (CSRF) vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery. This issue affects Emergency Password Reset: from n/a through 8.0. | ||||
| CVE-2026-45436 | 2026-06-17 | 6.5 Medium | ||
| Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions. | ||||
| CVE-2026-42629 | 2026-06-17 | 8.8 High | ||
| Unauthenticated Broken Authentication in PowerPack Pro for Elementor < v2.13.0 versions. | ||||
| CVE-2024-32729 | 2 Quantumcloud, Wordpress | 2 Conversational Forms For Chatbot, Wordpress | 2026-06-17 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal. This issue affects Conversational Forms for ChatBot: from n/a through 1.1.8. | ||||
| CVE-2026-40765 | 2026-06-17 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in collectchat <= 2.4.9 versions. | ||||
| CVE-2024-37210 | 2026-06-17 | 6.5 Medium | ||
| Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AliNext: from n/a through 3.3.5. | ||||
| CVE-2025-58953 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Joly <= 1.22.0 versions. | ||||
| CVE-2025-69115 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions. | ||||
| CVE-2026-40746 | 2026-06-17 | 9.9 Critical | ||
| Subscriber Arbitrary File Upload in Restaurant Zone <= 0.7.8 versions. | ||||
| CVE-2025-69130 | 2026-06-17 | 8.8 High | ||
| Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions. | ||||
| CVE-2025-69166 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Gunslinger <= 1.7 versions. | ||||
| CVE-2026-40768 | 2026-06-17 | 7.3 High | ||
| Unauthenticated Insecure Direct Object References (IDOR) in Salon booking system <= 10.30.24 versions. | ||||
| CVE-2026-39445 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions. | ||||
| CVE-2026-39590 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Atomlab <= 2.4.5 versions. | ||||
| CVE-2026-40735 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Reina <= 2.1 versions. | ||||
| CVE-2026-40757 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Château <= 1.2.1 versions. | ||||
| CVE-2025-60230 | 2026-06-17 | 9.8 Critical | ||
| Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection. This issue affects The Barber Shop: from n/a through 1.9. | ||||
| CVE-2026-40723 | 2 Bricks, Wordpress | 2 Bricks Builder, Wordpress | 2026-06-17 | 4.3 Medium |
| Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions. | ||||
| CVE-2026-40721 | 2026-06-17 | 7.5 High | ||
| Contributor Local File Inclusion in Element Pack Pro <= 9.0.6 versions. | ||||