Export limit exceeded: 358367 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (358367 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-40781 | 2 Reviewx, Wordpress | 2 Reviewx, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Broken Authentication in ReviewX <= 2.3.6 versions. | ||||
| CVE-2026-40782 | 2 Greg Winiarski, Wordpress | 2 Wpadverts, Wordpress | 2026-06-16 | 6.5 Medium |
| Unauthenticated Broken Access Control in WPAdverts <= 2.3.0 versions. | ||||
| CVE-2026-40787 | 2 Expresstech, Wordpress | 2 Quiz And Survey Master, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.0.0 versions. | ||||
| CVE-2026-40788 | 2 Quantumcloud, Wordpress | 2 Chatbot, Wordpress | 2026-06-16 | 7.1 High |
| Subscriber Broken Access Control in ChatBot <= 7.9.7 versions. | ||||
| CVE-2026-40791 | 2 Codepeople, Wordpress | 2 Wp Time Slots Booking Form, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in WP Time Slots Booking Form <= 1.2.46 versions. | ||||
| CVE-2026-40794 | 2 Mycred, Wordpress | 2 Mycred, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Broken Access Control in myCred <= 3.0.3 versions. | ||||
| CVE-2026-40798 | 2 Tomdever, Wordpress | 2 Wpforo Forum, Wordpress | 2026-06-16 | 9.3 Critical |
| Unauthenticated SQL Injection in wpForo Forum <= 3.0.4 versions. | ||||
| CVE-2026-42386 | 2 Tychesoftwares, Wordpress | 2 Order Delivery Date For Woocommerce, Wordpress | 2026-06-16 | 9.3 Critical |
| Unauthenticated SQL Injection in Order Delivery Date for WooCommerce <= 4.5.1 versions. | ||||
| CVE-2026-42639 | 2 Dev4press, Wordpress | 2 Gd Rating System, Wordpress | 2026-06-16 | 9.3 Critical |
| Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions. | ||||
| CVE-2026-42658 | 2 Mamunur Rashid, Wordpress | 2 Classified Listing, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.3.8 versions. | ||||
| CVE-2025-24252 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-06-16 | 8.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory. | ||||
| CVE-2026-42663 | 2 Wordpress, Wp.insider | 2 Wordpress, Simple Membership | 2026-06-16 | 6.5 Medium |
| Unauthenticated Cross Site Scripting (XSS) in Simple Membership <= 4.7.2 versions. | ||||
| CVE-2026-42667 | 2 Bookly, Wordpress | 2 Bookly, Wordpress | 2026-06-16 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in Bookly <= 27.4 versions. | ||||
| CVE-2026-42688 | 2 Wordpress, Wpchill | 2 Wordpress, Modula Image Gallery | 2026-06-16 | 6.5 Medium |
| Subscriber Cross Site Scripting (XSS) in Modula Image Gallery <= 2.14.23 versions. | ||||
| CVE-2025-32975 | 1 Quest | 1 Kace Systems Management Appliance | 2026-06-16 | 10 Critical |
| Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead to complete administrative takeover. | ||||
| CVE-2026-42775 | 2 Automatorwp, Wordpress | 2 Automatorwp, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.7.2 versions. | ||||
| CVE-2026-34892 | 2 Rank Math Seo, Wordpress | 2 Rank Math Seo, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Broken Access Control in Rank Math SEO <= 1.0.271 versions. | ||||
| CVE-2026-39435 | 2 Bgermann, Wordpress | 2 Cformsii, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in CformsII <= 15.1.3 versions. | ||||
| CVE-2026-39449 | 2 Itpathsolutions, Wordpress | 2 Contact Form To Any Api, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Contact Form to Any API <= 3.0.3 versions. | ||||
| CVE-2026-39463 | 2 Managewp, Wordpress | 2 Managewp Worker, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in ManageWP Worker <= 4.9.31 versions. | ||||