Live
2026年7月8日
Sources: NVD · GHSA · OSV · CISA KEV · JVN
ログイン
新規登録
JA
·
EN
·
FR
SecPulse
v1
脆弱性
KEV
タグ
カテゴリ
脆弱性
KEV
タグ
カテゴリ
ホーム
/
カテゴリ
/
CMS/サイトビルダー
📝
CMS/サイトビルダー
slug: cms
🛡 関連する脆弱性
33
ID
タイトル
重要度
検知
CVE-2026-58054
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
High
1週間前
CVE-2026-3652
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
High
2週間前
CVE-2026-46489
SolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, the company logo upload feature accepts any file type without validation. An authenticated administrator can upload an SVG f...
High
3週間前
CVE-2026-5415
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
High
1ヶ月前
CVE-2026-5411
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
High
1ヶ月前
CVE-2026-46392
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0 of HAX CMS PHP, the `saveFile` endpoint validates upload extensions case-insensitively and writes the filen...
High
1ヶ月前
CVE-2026-1829
The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...
High
1ヶ月前
CVE-2026-39555
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. ...
High
1ヶ月前
CVE-2026-39553
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
1ヶ月前
CVE-2026-39552
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
1ヶ月前
CVE-2025-69369
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
1ヶ月前
CVE-2025-68886
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
1ヶ月前
CVE-2025-11262
The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
High
1ヶ月前
CVE-2026-42762
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
1ヶ月前
CVE-2026-42760
Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and...
High
1ヶ月前
CVE-2026-42753
Missing Authorization vulnerability in WC Lovers WCFM Membership wc-multivendor-membership allows...
High
1ヶ月前
CVE-2026-42745
Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online...
High
1ヶ月前
CVE-2026-42737
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
1ヶ月前
CVE-2026-42736
Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Better Messages bp...
High
1ヶ月前
CVE-2026-42735
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare...
High
1ヶ月前
CVE-2026-42730
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
1ヶ月前
CVE-2026-46367
Duplicate Advisory: phpMyFAQ: Stored XSS via Utils::parseUrl() in comment rendering
High
1ヶ月前
CVE-2026-46407
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the backend admin/auth-token endpoint allows an authenticated administrator to...
High
1ヶ月前
CVE-2026-46408
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the checkout endpoint accepts a user-controlled cart_id and uses it to enter t...
High
1ヶ月前
CVE-2026-46366
phpMyFAQ has unauthenticated FAQ permission bypass via getFaqBySolutionId fallback query
High
1ヶ月前
CVE-2026-46359
phpMyFAQ has SQL Injection in CurrentUser::setTokenData through unescaped OAuth token fields
High
1ヶ月前
CVE-2026-44826
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add...
High
1ヶ月前
CVE-2021-47964
Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated...
High
1ヶ月前
CVE-2021-47959
WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows...
High
1ヶ月前
CVE-2026-4094
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to...
High
1ヶ月前
« Previous
Next »
Showing
1
to
30
of
33
results
1
2
🍪 Cookie について
当サイトはログイン状態の保持・言語設定・サービス改善のために Cookie を使用します。詳細は下記リンクをご確認ください。
すべて受け入れる
必須のみ
詳細 →