Search
Search Results (360021 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39519 | 2 Ahmad, Wordpress | 2 Geekybot, Wordpress | 2026-06-23 | 9.3 Critical |
| Unauthenticated SQL Injection in GeekyBot <= 1.2.0 versions. | ||||
| CVE-2026-39525 | 2 Booking Activities Team, Wordpress | 2 Booking Activities, Wordpress | 2026-06-23 | 6.5 Medium |
| Unauthenticated Broken Access Control in Booking Activities <= 1.16.48.1 versions. | ||||
| CVE-2026-39527 | 2 Sc Internet Vivoo, Wordpress | 2 Wpstream, Wordpress | 2026-06-23 | 5.4 Medium |
| Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions. | ||||
| CVE-2026-39530 | 2 Speakout!, Wordpress | 2 Speakout! Email Petitions, Wordpress | 2026-06-23 | 9.3 Critical |
| Unauthenticated SQL Injection in SpeakOut! Email Petitions <= 4.6.5 versions. | ||||
| CVE-2026-39540 | 2 Amit Mittal, Wordpress | 2 Shipment Tracker For Woocommerce, Wordpress | 2026-06-23 | 6.5 Medium |
| Subscriber Cross Site Scripting (XSS) in Shipment Tracker for Woocommerce <= 1.5.3.2 versions. | ||||
| CVE-2026-39587 | 2 Hakan Ozevin, Wordpress | 2 Wp Base Booking, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Privilege Escalation in WP BASE Booking <= 5.9.0 versions. | ||||
| CVE-2026-39591 | 2 Cmsjunkie – Wordpress Business Directory Plugins, Wordpress | 2 Wp-businessdirectory, Wordpress | 2026-06-23 | 9.9 Critical |
| Subscriber Arbitrary File Upload in WP-BusinessDirectory <= 4.0.0 versions. | ||||
| CVE-2026-39594 | 2 Themefic, Wordpress | 2 Ultra Addons For Wpforms, Wordpress | 2026-06-23 | 6.4 Medium |
| Subscriber Broken Access Control in Ultra Addons for WPForms <= 1.0.11 versions. | ||||
| CVE-2026-40741 | 2 Jose Conti, Wordpress | 2 Redsys For Woocommerce Light, Wordpress | 2026-06-23 | 7.5 High |
| Unauthenticated Broken Access Control in Redsys for WooCommerce Light <= 7.0.0 versions. | ||||
| CVE-2026-40769 | 2 Satinder Singh, Wordpress | 2 Contact Form Extender For Divi – Save Entries, File Upload & Country Code Field, Wordpress | 2026-06-23 | 8.6 High |
| Unauthenticated Arbitrary File Deletion in Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field <= 1.0.6 versions. | ||||
| CVE-2026-40771 | 2 Wasiliy Strecker, Wordpress | 2 Contest Gallery, Wordpress | 2026-06-23 | 9.3 Critical |
| Unauthenticated SQL Injection in Contest Gallery <= 28.1.6 versions. | ||||
| CVE-2026-40772 | 2 Ahmad, Wordpress | 2 Geekybot, Wordpress | 2026-06-23 | 10 Critical |
| Unauthenticated Arbitrary File Upload in GeekyBot <= 1.2.2 versions. | ||||
| CVE-2026-40775 | 2 Royal Plugins, Wordpress | 2 Royal Mcp, Wordpress | 2026-06-23 | 7.3 High |
| Unauthenticated Broken Access Control in Royal MCP <= 1.4.2 versions. | ||||
| CVE-2026-40776 | 2 Arraytics, Wordpress | 2 Wp Event Solution, Wordpress | 2026-06-23 | 7.5 High |
| Unauthenticated Broken Access Control in WP Event SOlution <= 4.1.8 versions. | ||||
| CVE-2026-40785 | 2 Ruben Garcia, Wordpress | 2 Automatorwp, Wordpress | 2026-06-23 | 7.1 High |
| Subscriber Broken Authentication in AutomatorWP <= 5.6.7 versions. | ||||
| CVE-2026-40789 | 2 Tms, Wordpress | 2 Amelia, Wordpress | 2026-06-23 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in Amelia <= 2.2 versions. | ||||
| CVE-2026-40795 | 2 Tms, Wordpress | 2 Amelia, Wordpress | 2026-06-23 | 6.5 Medium |
| Subscriber Broken Access Control in Amelia <= 2.2 versions. | ||||
| CVE-2026-40796 | 2 Ollybach, Wordpress | 2 Wppizza, Wordpress | 2026-06-23 | 6.5 Medium |
| Subscriber Sensitive Data Exposure in WPPizza <= 3.19.9 versions. | ||||
| CVE-2026-42378 | 2 Themeisle, Wordpress | 2 Wp Full Stripe Free, Wordpress | 2026-06-23 | 6.5 Medium |
| Subscriber Broken Authentication in WP Full Stripe Free <= 8.4.1 versions. | ||||
| CVE-2026-42381 | 2 Funnelkit, Wordpress | 2 Funnel Builder By Funnelkit, Wordpress | 2026-06-23 | 9.3 Critical |
| Unauthenticated SQL Injection in Funnel Builder by FunnelKit <= 3.15.0.1 versions. | ||||