Export limit exceeded: 359197 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359197 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359197 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359197 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-48880 | 2 Ahmad, Wordpress | 2 Wp Job Portal, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Cross Site Scripting (XSS) in WP Job Portal <= 2.5.2 versions. | ||||
| CVE-2026-49085 | 2 Crmperks, Wordpress | 2 Wp Insightly For Contact Form 7, Wpforms, Elementor, Formidable And Ninja Forms, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.1.4 versions. | ||||
| CVE-2026-49781 | 2 Brainstorm Force, Wordpress | 2 Ottokit, Wordpress | 2026-06-16 | 9.8 Critical |
| Unauthenticated PHP Object Injection in OttoKit <= 1.1.27 versions. | ||||
| CVE-2026-48867 | 2 Expresstech, Wordpress | 2 Quiz And Survey Master, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.1.2 versions. | ||||
| CVE-2026-48885 | 2 Groundhogg, Wordpress | 2 Hollerbox, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in HollerBox <= 2.3.10.1 versions. | ||||
| CVE-2025-71211 | 1 Trendmicro | 3 Apex One, Apexone Op, Apexone Saas | 2026-06-16 | 9.8 Critical |
| A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. The SaaS versions of the product have already been mitigated and no customer action required. For this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their console�s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied. | ||||
| CVE-2026-10727 | 1 Ivanti | 1 Endpoint Manager Mobile | 2026-06-16 | 7.2 High |
| An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to execute arbitrary commands as root | ||||
| CVE-2026-39472 | 2 Wordpress, Wpovernight | 2 Wordpress, Woocommerce Pdf Invoices\& Packing Slips | 2026-06-16 | 7.2 High |
| Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips < 5.9.0 versions. | ||||
| CVE-2026-40762 | 2 Wordpress, Wpgraphql | 2 Wordpress, Wpgraphql | 2026-06-16 | 7.5 High |
| Unauthenticated SQL Injection in WPGraphQL < 2.11.1 versions. | ||||
| CVE-2026-40790 | 2 Veronalabs, Wordpress | 2 Wp Sms, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Sensitive Data Exposure in WP SMS <= 7.2.1 versions. | ||||
| CVE-2026-42651 | 2 Mamunur Rashid, Wordpress | 2 Classified Listing, Wordpress | 2026-06-16 | 6.3 Medium |
| Subscriber Broken Access Control in Classified Listing <= 5.3.9 versions. | ||||
| CVE-2026-48882 | 2 Codepeople, Wordpress | 2 Wp Time Slots Booking Form, Wordpress | 2026-06-16 | 8.5 High |
| Subscriber SQL Injection in WP Time Slots Booking Form <= 1.2.50 versions. | ||||
| CVE-2026-49056 | 2 Webtoffee, Wordpress | 2 Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.9.4 versions. | ||||
| CVE-2026-49068 | 2 Relywp, Wordpress | 2 Coupon Affiliates, Wordpress | 2026-06-16 | 7.5 High |
| Subscriber Sensitive Data Exposure in Coupon Affiliates <= 7.8.1 versions. | ||||
| CVE-2026-49083 | 2 Latepoint, Wordpress | 2 Latepoint, Wordpress | 2026-06-16 | 7.5 High |
| Contributor Privilege Escalation in LatePoint <= 5.5.1 versions. | ||||
| CVE-2026-5149 | 2 Rometheme, Wordpress | 2 Rtmkit, Wordpress | 2026-06-16 | 6.5 Medium |
| The RTMKit plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.7 This is due to the get_submission_content AJAX endpoint lacking a capability check to verify that a user has permission to access the requested form submission data. This makes it possible for authenticated attackers, with Contributor-level access and above, to view arbitrary form submissions from other users by iterating the entries_id parameter. | ||||
| CVE-2016-20075 | 2 Etoilewebdesign, Wordpress | 2 Ultimate Product Catalog, Wordpress | 2026-06-16 | 8.8 High |
| WordPress Ultimate Product Catalog 3.8.6 contains an arbitrary file upload vulnerability that allows authenticated users with contributor, editor, author, or administrator roles to upload malicious files by exploiting the custom fields functionality. Attackers can upload PHP shells through the Products tab custom file field and access them via the upcp-product-file-uploads directory to execute arbitrary code on the server. | ||||
| CVE-2026-10634 | 1 Zephyrproject | 1 Zephyr | 2026-06-16 | 4.8 Medium |
| Zephyr's native TCP stack iterates the global connection list in net_tcp_foreach() (subsys/net/ip/tcp.c) using the SYS_SLIST_FOR_EACH_CONTAINER_SAFE macro, which caches a pointer to the next list node. Prior to this fix the function released tcp_lock while invoking the per-connection callback and re-acquired it afterwards. During that window a concurrent tcp_conn_release(), running on the dedicated TCP work-queue thread when a connection's reference count drops to zero (e.g. a remote peer closing or resetting the connection), can remove and k_mem_slab_free() the cached next connection. When the iterator advances it dereferences the freed (and possibly reallocated) slab memory — a use-after-free that can crash the system (denial of service) and, if the slot has been reused, cause the callback to operate on an attacker-influenced object (potential information disclosure or further fault). net_tcp_foreach() is reached in production via the 'net conn' network shell command and via net_tcp_close_all_for_iface() on interface-down; the freeing side is driven by ordinary TCP traffic. The fix moves the connection/context teardown in tcp_conn_release() inside the tcp_lock critical section and keeps tcp_lock held across the callback in net_tcp_foreach(). The defect was introduced with the modern (TCP2) stack in 2020 and affects releases up to and including v4.4.0. | ||||
| CVE-2026-48709 | 1 Olivetin | 1 Olivetin | 2026-06-16 | 3.7 Low |
| OliveTin gives access to predefined shell commands from a web interface. In versions 3000.0.0 and prior, The ValidateArgumentType RPC endpoint in service/internal/api/api.go does not perform any authentication or authorization checks. Unlike all other data-returning API endpoints, it does not call auth.UserFromApiCall or checkDashboardAccess. When AuthRequireGuestsToLogin is enabled (the security-conscious configuration), this endpoint remains accessible to unauthenticated users and can be used as an oracle to enumerate valid action binding IDs and their argument configurations. This issue has been fixed in version 3000.13.0. | ||||
| CVE-2026-22557 | 1 Ubiquiti | 1 Unifi Network Application | 2026-06-16 | 10 Critical |
| A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account. | ||||