Export limit exceeded: 13606 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13606 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56026 | 2 Chris Carlevato, Wordpress | 2 Utm.codes, Wordpress | 2026-06-29 | 6.4 Medium |
| Subscriber Server Side Request Forgery (SSRF) in utm.codes <= 1.9.0 versions. | ||||
| CVE-2026-56029 | 2 Corvuspay, Wordpress | 2 Woocommerce Payment Gateway, Wordpress | 2026-06-29 | 7.5 High |
| Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway <= 2.7.4 versions. | ||||
| CVE-2026-56033 | 2 Dokan Multivendor Plugin, Wordpress | 2 Dokan Pro, Wordpress | 2026-06-29 | 9.8 Critical |
| Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions. | ||||
| CVE-2026-56035 | 2 Cory Marsh, Wordpress | 2 Bitfire Security, Wordpress | 2026-06-29 | 8.6 High |
| Unauthenticated Multiple Vulnerabilities in BitFire Security <= 5.0.3 versions. | ||||
| CVE-2026-56036 | 2 Codemstory, Wordpress | 2 워드프레스 결제 심플페이, Wordpress | 2026-06-29 | 9.3 Critical |
| Unauthenticated SQL Injection in 워드프레스 결제 심플페이 <= 5.5.6 versions. | ||||
| CVE-2026-56038 | 2 Frisbii, Wordpress | 2 Frisbii Pay, Wordpress | 2026-06-29 | 8.8 High |
| Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions. | ||||
| CVE-2026-56039 | 2 Wordpress, Wordpress.com | 2 Wordpress, Quick Interest Slider | 2026-06-29 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Quick Interest Slider <= 3.1.6 versions. | ||||
| CVE-2026-56040 | 2 Wordpress, Wordpress.com | 2 Wordpress, Gutenverse Form | 2026-06-29 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Gutenverse Form <= 2.4.7 versions. | ||||
| CVE-2026-56047 | 2 Perfmatters, Powered Kinsta + Generatepress Docs Changelog Feature Requests Legal Affiliate Contact, Wordpress | 2 Perfmatters, Wordpress | 2026-06-29 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in perfmatters <= 2.6.3 versions. | ||||
| CVE-2026-56059 | 2 Physcode, Wordpress | 2 Travel Booking, Wordpress | 2026-06-29 | 9.9 Critical |
| Subscriber Arbitrary File Upload in Travel Booking <= 2.2.5 versions. | ||||
| CVE-2026-56062 | 2 Oooorgle, Wordpress | 2 Quotes Llama, Wordpress | 2026-06-29 | 9.3 Critical |
| Unauthenticated SQL Injection in Quotes llama <= 3.1.5 versions. | ||||
| CVE-2026-56063 | 2 Bplugins, Wordpress | 2 Mailchimp Block, Wordpress | 2026-06-29 | 8.3 High |
| Unauthenticated Broken Access Control in MailChimp Block <= 1.1.15 versions. | ||||
| CVE-2026-56069 | 2 Site Building With Toolset, Wordpress | 2 Toolset Forms, Wordpress | 2026-06-29 | 7.5 High |
| Unauthenticated Insecure Direct Object References (IDOR) in Toolset Forms <= 2.6.24 versions. | ||||
| CVE-2026-57316 | 2 Roxnor, Wordpress | 2 Getgenie, Wordpress | 2026-06-29 | 6.5 Medium |
| Subscriber Sensitive Data Exposure in GetGenie <= 4.4.2 versions. | ||||
| CVE-2026-57321 | 2 Icc0rz, Wordpress | 2 H5p, Wordpress | 2026-06-29 | 7.1 High |
| Contributor Arbitrary File Deletion in H5P <= 1.17.7 versions. | ||||
| CVE-2026-57323 | 2 Bplugins, Wordpress | 2 Flash & Html5 Video, Wordpress | 2026-06-29 | 5.8 Medium |
| Unauthenticated Broken Access Control in Flash & HTML5 Video <= 2.11.0 versions. | ||||
| CVE-2026-57325 | 2 Jellywp, Wordpress | 2 Nanomag, Wordpress | 2026-06-29 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in NanoMag <= 1.8 versions. | ||||
| CVE-2026-57430 | 2 Seopress Free, Wordpress | 2 Seopress Pro, Wordpress | 2026-06-29 | 4.3 Medium |
| Contributor Broken Access Control in SEOPress PRO <= 9.1.1 versions. | ||||
| CVE-2026-57618 | 2 Themeisle, Wordpress | 2 Neve Pro, Wordpress | 2026-06-29 | 6.5 Medium |
| Contributor Cross Site Scripting (XSS) in Neve PRO <= 3.1.2 versions. | ||||
| CVE-2026-57627 | 2 Themeum, Wordpress | 2 Kirki, Wordpress | 2026-06-29 | 4.9 Medium |
| Subscriber Server Side Request Forgery (SSRF) in Kirki <= 6.0.11 versions. | ||||