Export limit exceeded: 13704 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (13704 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-54848 2 Saad Iqbal, Wordpress 2 Apiexperts Square For Woocommerce, Wordpress 2026-06-26 8.3 High
Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal APIExperts Square for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects APIExperts Square for WooCommerce: from n/a through 4.7.3.
CVE-2026-56006 2 H5p, Wordpress 2 H5p, Wordpress 2026-06-26 7.1 High
Unauthenticated Cross Site Scripting (XSS) in H5P <= 1.17.6 versions.
CVE-2026-56050 2 Themeisle, Wordpress 2 Ppom For Woocommerce, Wordpress 2026-06-26 6.5 Medium
Improper Access Control vulnerability in Themeisle PPOM for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PPOM for WooCommerce: from n/a through 33.0.18.
CVE-2026-57619 2 Elementor, Wordpress 2 Elementor Website Builder, Wordpress 2026-06-25 6.5 Medium
Contributor Sensitive Data Exposure in Elementor Website Builder <= 4.1.3 versions.
CVE-2026-54823 2 Marketingfire, Wordpress 2 Widget-options, Wordpress 2026-06-25 9.9 Critical
Contributor Remote Code Execution (RCE) in Widget Options <= 4.2.3 versions.
CVE-2026-56005 2 Melapress, Wordpress 2 Wp Activity Log, Wordpress 2026-06-25 7.1 High
Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions.
CVE-2026-54842 2 Royal Plugins, Wordpress 2 Royal Mcp, Wordpress 2026-06-25 8.1 High
Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal MCP: from n/a through 1.4.25.
CVE-2026-56014 2 Averta, Wordpress 2 Master Slider, Wordpress 2026-06-25 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions.
CVE-2026-12079 2 Wedevs, Wordpress 2 Dokan Pro, Wordpress 2026-06-25 6.5 Medium
The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ’orderby’ parameter in all versions up to, and including, 5.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVE-2026-54829 2 Jacob N. Breetvelt, Wordpress 2 Wp Photo Album Plus, Wordpress 2026-06-25 7.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jacob N. Breetvelt WP Photo Album Plus allows Blind SQL Injection. This issue affects WP Photo Album Plus: from n/a through 9.1.13.005.
CVE-2026-56042 2 Algolplus, Wordpress 2 Advanced Order Export For Woocommerce, Wordpress 2026-06-25 7.1 High
Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.
CVE-2026-56049 2 Postsnippets, Wordpress 2 Post Snippets, Wordpress 2026-06-25 8.5 High
Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions.
CVE-2026-56054 2 Ahmad, Wordpress 2 Js Help Desk, Wordpress 2026-06-25 7.7 High
Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions.
CVE-2026-54841 2 Appsbd, Wordpress 2 Vitepos, Wordpress 2026-06-25 7.5 High
Unauthenticated Sensitive Data Exposure in Vitepos <= 3.4.2 versions.
CVE-2026-56023 2 Knitpay, Wordpress 2 Upi Qr Code Payment Gateway For Woocommerce, Wordpress 2026-06-25 5.4 Medium
Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce <= 1.6.2 versions.
CVE-2026-10824 2 Masteriyo, Wordpress 2 Masteriyo, Wordpress 2026-06-25 6.5 Medium
The Masteriyo LMS WordPress plugin before 2.2.1 does not perform authorization checks in a course-progress REST API controller, allowing unauthenticated users to read and permanently delete any user's course-progress records.
CVE-2026-9179 2 Hancock11, Wordpress 2 Wp Forms Connector, Wordpress 2026-06-25 7.5 High
The WP Forms Connector plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/wp/v3/post/list REST endpoint in versions up to and including 1.8. This is due to insufficient escaping on the user-supplied 'order' parameter (read directly from $_GET['order'] into $shorting) and the lack of sufficient preparation on the existing SQL query in the listPost() function, where the value is concatenated unquoted into the ORDER BY clause and executed via $wpdb->get_results() without $wpdb->prepare(). The endpoint is registered with permission_callback '__return_true' and performs only a broken header-based check that validates the supplied 'Username' corresponds to an administrator account while never verifying the 'Password'. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVE-2026-10552 2 Jotis, Wordpress 2 Blue Captcha, Wordpress 2026-06-25 4.3 Medium
The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation on the main admin panel (blcap_main_page) and on the Hall of Shame and Log subpages, which accept a 'blcap_action' / 'action' parameter from $_REQUEST and perform destructive operations (plugin uninstall via blcap_uninstall(), log deletion via blcap_delete_logs(), Hall of Shame deletion via blcap_delete_ip_db(), and adding IPs to the banned list via update_option('blcap_settings')) with no wp_verify_nonce(), check_admin_referer(), or check_ajax_referer() calls anywhere in the codebase. This makes it possible for unauthenticated attackers to uninstall the plugin, delete audit logs, remove Hall of Shame entries, and add arbitrary IP addresses to the block list via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVE-2026-8617 2 Ailchev, Wordpress 2 Searchplus, Wordpress 2026-06-25 5.3 Medium
The SearchPlus plugin for WordPress is vulnerable to unauthorized modification and deletion of data in versions up to, and including, 1.7.1. This is due to a missing capability check and missing nonce validation on the searchplus_save_token_action_callback() and searchplus_reset_token_action_callback() functions, both of which are exposed to unauthenticated users through the wp_ajax_nopriv_ hooks. This makes it possible for unauthenticated attackers to overwrite or delete the plugin's stored account token and account name options (dym_token, dym_name, searchplus_token, searchplus_name, sp_token, sp_name).
CVE-2026-12416 2 Pravel, Wordpress 2 Invoice Generator, Wordpress 2026-06-25 9.8 Critical
The Invoice Generator plugin for WordPress is vulnerable to Account Takeover via Password Reset in all versions up to, and including, 1.0.0. This is due to the `pravel_invoice_change_password()` function being registered as a nopriv AJAX handler with no nonce verification and no authorization check, and performing a loose equality comparison between the supplied `reset_activation_code` POST parameter and the target user's stored `forgot_email` user meta — a check that trivially evaluates to true (`'' == ''`) for any user who has never initiated a forgot-password request, which applies to administrators under normal conditions. This makes it possible for unauthenticated attackers to supply an arbitrary user ID via the `reset_user_id` POST parameter, bypass the activation code check entirely by omitting `reset_activation_code`, and set the target account's password to an attacker-chosen value, enabling full takeover of any account on the site, including administrator accounts.