Export limit exceeded: 12543 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (12543 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39555 | 2 Elated-themes, Wordpress | 2 Askka, Wordpress | 2026-06-02 | 8.1 High |
| Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. This issue affects Askka: from n/a through 1.3.1. | ||||
| CVE-2026-28116 | 2 Emiliaprojects, Wordpress | 2 Progress Planner, Wordpress | 2026-06-02 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Emilia Projects Progress Planner allows Stored XSS. This issue affects Progress Planner: from n/a through 1.9.0. | ||||
| CVE-2026-49782 | 2 Elementor, Wordpress | 2 Elementor Website Builder, Wordpress | 2026-06-02 | 5.4 Medium |
| Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elementor Website Builder: from n/a through 4.1.0. | ||||
| CVE-2026-8293 | 2 Really-simple-plugins, Wordpress | 2 Really Simple Security, Wordpress | 2026-06-02 | 7.5 High |
| The Really Simple Security WordPress plugin before 9.5.10.1 does not enforce the second-factor challenge in two of its two-factor authentication REST endpoints, allowing an attacker who knows a user's password to obtain a WordPress authentication session for that user without completing the email OTP challenge. | ||||
| CVE-2026-2425 | 2 Hiweb, Wordpress | 2 Migration Simple, Wordpress | 2026-06-02 | 6.1 Medium |
| The hiWeb Migration Simple plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'new_domain' parameter in all versions up to, and including, 2.0.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick an administrator into performing an action such as clicking on a link. | ||||
| CVE-2026-42669 | 2 Theeventprime, Wordpress | 2 Eventprime, Wordpress | 2026-06-02 | 7.5 High |
| Missing Authorization vulnerability in EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EventPrime: from n/a through 4.3.2.0. | ||||
| CVE-2026-9050 | 2 Revolution Slider, Wordpress | 2 Slider Revolution, Wordpress | 2026-06-02 | 4.3 Medium |
| The Slider Revolution plugin for WordPress in versions 6.0.0-6.7.55 and 7.0.0-7.0.14 is vulnerable to unauthorized modification of data. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with Contributor-level access and above, to deactivate any active plugin installed on the site. | ||||
| CVE-2026-9048 | 2 Revolution Slider, Wordpress | 2 Slider Revolution, Wordpress | 2026-06-02 | 4.3 Medium |
| The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions 7.0.0 - 7.0.14, via the 'slider.get.full' AJAX Action. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including raw social media API credentials: the Instagram OAuth token, Flickr API key, YouTube Data API key, and Facebook App ID, stored in any configured slider's settings. | ||||
| CVE-2026-8206 | 2 Themeum, Wordpress | 2 Kirki – Freeform Page Builder, Website Builder & Customizer, Wordpress | 2026-06-02 | 9.8 Critical |
| The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions 6.0.0 to 6.0.6. This is due to the plugin accepting an arbitrary email address when a username is used in the password reset request. This makes it possible for unauthenticated attackers to send a password reset link for any user registered on the site to their own email address. | ||||
| CVE-2026-42675 | 2 Themefic, Wordpress | 2 Hydra Booking, Wordpress | 2026-06-01 | 7.3 High |
| Missing Authorization vulnerability in Themefic Hydra Booking allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hydra Booking: from n/a through 1.1.41. | ||||
| CVE-2026-42676 | 2 Mycred, Wordpress | 2 Mycred, Wordpress | 2026-06-01 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in myCred allows Stored XSS. This issue affects myCred: from n/a through 3.0.4. | ||||
| CVE-2026-42671 | 2 Paolo, Wordpress | 2 Geodirectory, Wordpress | 2026-06-01 | 6.5 Medium |
| Missing Authorization vulnerability in Paolo GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GeoDirectory: from n/a through 2.8.157. | ||||
| CVE-2026-48866 | 2 Rocketgenius, Wordpress | 2 Gravityforms, Wordpress | 2026-06-01 | 9.6 Critical |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects Gravity Forms: from n/a through 2.10.0.1. | ||||
| CVE-2026-48865 | 2 Thimpress, Wordpress | 2 Learnpress, Wordpress | 2026-06-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress allows Reflected XSS. This issue affects LearnPress: from n/a through 4.3.6. | ||||
| CVE-2026-42682 | 2 Tomdever, Wordpress | 2 Wpforo Forum, Wordpress | 2026-06-01 | 9.1 Critical |
| Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through 3.0.6. | ||||
| CVE-2026-48839 | 2 Veronalabs, Wordpress | 2 Wp Statistics, Wordpress | 2026-06-01 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS. This issue affects WP Statistics: from n/a through 14.16.6. | ||||
| CVE-2026-9757 | 2 Ninjew, Wordpress | 2 Geo My Wp, Wordpress | 2026-06-01 | 7.5 High |
| The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $_SERVER['QUERY_STRING'] via parse_str() (bypassing WordPress's wp_magic_quotes protection, which only covers $_POST/$_GET/$_COOKIE/$_REQUEST), then each is split on ',' via explode() and the resulting fragments are interpolated directly into a SQL BETWEEN clause in gmw_get_locations_within_boundaries_sql() without is_numeric() validation, (float) casting, esc_sql(), or $wpdb->prepare(). This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Exploitation requires the site to host the Posts Locator search-results shortcode (`[gmw form="results" form_id=N]`) on a public page and to have at least one published post with an associated gmw_location row. | ||||
| CVE-2026-7465 | 2 Brainstormforce, Wordpress | 2 Spectra Gutenberg Blocks – Website Builder For The Block Editor, Wordpress | 2026-06-01 | 8.8 High |
| The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server. Exploitation requires a two-block payload embedded in post content: the first block registers a fake uagb/-prefixed block type with an attacker-specified render_callback, and the second block of the same fake type triggers invocation of that callback via call_user_func() during sequential block rendering in the same page request. | ||||
| CVE-2026-7459 | 2 Eskapism, Wordpress | 2 Simple History – Track, Log, And Audit Wordpress Changes, Wordpress | 2026-06-01 | 7.5 High |
| The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated (Subscriber+) account takeover in all versions up to, and including, 5.26.0 via the event reaction endpoints (react_to_event() / unreact_to_event()). The endpoints register get_items_permissions_check() as their permission_callback, which only verifies the requester is logged in and does not enforce the per-logger capability checks normally applied by Log_Query. As a result, a Subscriber-level user can POST to /wp-json/simple-history/v1/events/<id>/react with the _fields=context query parameter and read the full context of any Simple History event — including SimpleUserLogger entries that record the full password-reset email body (reset URL with the reset key) for any user. The attacker triggers a password reset for an administrator via the lost-password form, brute-forces recent event IDs through the reaction endpoint to read the resulting user_requested_password_reset_link event, extracts the reset key from context.message, and completes the password reset to take over the administrator account. Exploitation requires an administrator to have first enabled the experimental features option (simple_history_experimental_features_enabled), which is not the default. | ||||
| CVE-2026-42733 | 2 Realmag777, Wordpress | 2 Wpcs, Wordpress | 2026-05-30 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through <= 1.3.1. | ||||