Export limit exceeded: 363775 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363775 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363775 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-11946 1 Open62541 1 Open62541 2026-07-06 7.5 High
An unauthenticated remote attacker can exhaust server memory via the GetEndpoints Discovery Service in open62541. The endpointUrl field of GetEndpointsRequest is not validated for length. An attacker can declare an arbitrarily large string (up to ~4.09 GB via the UInt32 length field) delivered across intermediate chunks without ever sending the final chunk. The server buffers all chunks in RAM indefinitely until the SecureChannel times out. The attack is pre-session and bypasses all encryption configurations. The issue affects open62541: from 1.4.0 through 1.4.16, from 1.5.0 through 1.5.4, master.
CVE-2025-69132 2 Wordpress, Zozothemes 2 Wordpress, Corpkit 2026-07-06 6.5 Medium
Subscriber Sensitive Data Exposure in Corpkit <= 1.0.5 versions.
CVE-2025-69134 2 Merkulove, Wordpress 2 Openai Chatbot For Wordpress – Helper, Wordpress 2026-07-06 7.5 High
Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress – Helper <= 1.1.4 versions.
CVE-2025-69152 2 Themegoods, Wordpress 2 Artale | Wedding Photography Wordpress, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Artale | Wedding Photography WordPress <= 2.2.2 versions.
CVE-2025-69153 2 Designthemes, Wordpress 2 Trendy Travel, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Trendy Travel <= 6.7 versions.
CVE-2025-69154 2 Designthemes, Wordpress 2 Spalab | Beauty Salon Wordpress Theme, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in SpaLab | Beauty Salon WordPress Theme <= 6.7 versions.
CVE-2025-69155 2 Designthemes, Wordpress 2 Fitness Zone Wordpress Theme, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Fitness Zone WordPress Theme <= 5.7 versions.
CVE-2025-69156 2 Design Themes, Wordpress 2 Kids Zone - Children Wordpress Theme, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Kids Zone - Children WordPress Theme <= 5.4 versions.
CVE-2026-27402 2 Designthemes, Wordpress 2 Kids Life | Children School Wordpress, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Kids Life | Children School WordPress <= 5.2 versions.
CVE-2026-27404 2 Designthemes, Wordpress 2 Lms, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in LMS <= 9.7 versions.
CVE-2026-27408 2 Imithemes, Wordpress 2 Nativechurch, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in NativeChurch <= 4.8.8.2 versions.
CVE-2026-27412 2 Stylemixthemes, Wordpress 2 Pearl - Corporate Business, Wordpress 2026-07-06 8.1 High
Unauthenticated Local File Inclusion in Pearl - Corporate Business <= 3.4.10 versions.
CVE-2026-27414 2 Fuelthemes, Wordpress 2 Werkstatt, Wordpress 2026-07-06 8.8 High
Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions.
CVE-2026-27425 2 Themesuite, Wordpress 2 Automotive Listings, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Automotive Listings <= 18.6 versions.
CVE-2026-27430 2 Tranmautritam, Wordpress 2 Thefox, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in TheFox <= 3.9.76 versions.
CVE-2026-39448 2 Coderpress, Wordpress 2 Nowpayments For Woocommerce, Wordpress 2026-07-06 7.5 High
Unauthenticated Broken Access Control in NOWPayments for WooCommerce <= 1.4.0 versions.
CVE-2026-49779 2 Addify, Wordpress 2 Tax Exempt For Woocommerce, Wordpress 2026-07-06 6.5 Medium
Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3 versions.
CVE-2026-57350 2 Andy Fragen, Wordpress 2 Wp Debugging, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in WP Debugging <= 2.12.2 versions.
CVE-2026-57354 2 Crocoblock. Jetimpex Inc., Wordpress 2 Jetreviews, Wordpress 2026-07-06 6.5 Medium
Subscriber Cross Site Scripting (XSS) in JetReviews <= 3.0.0.1 versions.
CVE-2026-57357 2 Search Atlas Group, Wordpress 2 Search Atlas Seo, Wordpress 2026-07-06 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Search Atlas SEO <= 2.6.6 versions.