Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2026-56028 Vulnerability in privilege-escalation (CVE-2026-56028)
vulnerability in privilege-escalation (CVE-2026-56028). Successful exploitation can lead to full system takeover.
CVE-2026-56033 Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions.
Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions.
CVE-2026-56038 Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions.
Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions.
CVE-2026-4339 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-4339)
SSRF in ssrf (CVE-2026-4339). Confidential information can be exposed externally.
CVE-2026-54820 Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions.
Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions.
CVE-2026-54825 Unauthenticated SQL Injection in wpDataTables <= 7.4 versions.
Unauthenticated SQL Injection in wpDataTables <= 7.4 versions.
CVE-2026-54831 Unauthenticated SQL Injection in GeoDirectory <= 2.8.162 versions.
Unauthenticated SQL Injection in GeoDirectory <= 2.8.162 versions.
CVE-2026-54827 Unauthenticated SQL Injection in Real Estate 7 <= 3.5.9 versions.
Unauthenticated SQL Injection in Real Estate 7 <= 3.5.9 versions.
CVE-2026-56011 Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions.
Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions.
CVE-2026-56008 Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions.
Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions.
CVE-2026-56010 Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions.
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions.
CVE-2026-30041 Vulnerability in dos (CVE-2026-30041)
vulnerability in dos (CVE-2026-30041). Risk of unauthorized operations or information disclosure.
CVE-2026-45256 Privilege Escalation in dos (CVE-2026-45256)
vulnerability in dos (CVE-2026-45256). Risk of unauthorized operations or information disclosure.
CVE-2026-57940 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57940)
SSRF in ssrf (CVE-2026-57940). Risk of unauthorized operations or information disclosure.
CVE-2025-68074 Contributor Cross Site Scripting (XSS) in Image Carousel <= 1.0.0.41 versions.
Contributor Cross Site Scripting (XSS) in Image Carousel <= 1.0.0.41 versions.
CVE-2025-68075 Contributor Cross Site Scripting (XSS) in BNE Testimonials <= 2.0.8 versions.
Contributor Cross Site Scripting (XSS) in BNE Testimonials <= 2.0.8 versions.
CVE-2025-68052 Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions.
CVE-2026-13426 Path Traversal in c (CVE-2026-13426)
path traversal in c (CVE-2026-13426). Risk of unauthorized operations or information disclosure.
CVE-2025-55017 Path Traversal in apache (CVE-2025-55017)
path traversal in apache (CVE-2025-55017). Confidential information can be exposed externally.
CVE-2025-64152 Path Traversal in apache (CVE-2025-64152)
path traversal in apache (CVE-2025-64152). Confidential information can be exposed externally.
CVE-2026-53914 Unsafe Deserialization in deserialization (CVE-2026-53914)
vulnerability in deserialization (CVE-2026-53914). Confidential information can be exposed externally.
CVE-2026-57914 Vulnerability in apache (CVE-2026-57914)
vulnerability in apache (CVE-2026-57914). Risk of unauthorized operations or information disclosure.
CVE-2026-57620 Cross-Site Scripting (XSS) in CVE-2026-57620 (CVE-2026-57620)
cross-site scripting in CVE-2026-57620 (CVE-2026-57620). Risk of unauthorized operations or information disclosure.
CVE-2026-6658 Cross-Site Scripting (XSS) in CVE-2026-6658 (CVE-2026-6658)
cross-site scripting in CVE-2026-6658 (CVE-2026-6658). Risk of unauthorized operations or information disclosure. Exploitable via ``data_mermaid``.
CVE-2026-57879 Vulnerability in dos (CVE-2026-57879)
vulnerability in dos (CVE-2026-57879). Successful exploitation can lead to full system takeover.
CVE-2026-57878 Vulnerability in dos (CVE-2026-57878)
vulnerability in dos (CVE-2026-57878). Successful exploitation can lead to full system takeover.
CVE-2026-57877 Vulnerability in dos (CVE-2026-57877)
vulnerability in dos (CVE-2026-57877). Risk of unauthorized operations or information disclosure.
CVE-2026-57881 Vulnerability in dos (CVE-2026-57881)
vulnerability in dos (CVE-2026-57881). Successful exploitation can lead to full system takeover.
CVE-2026-57880 Vulnerability in dos (CVE-2026-57880)
vulnerability in dos (CVE-2026-57880). Successful exploitation can lead to full system takeover.
CVE-2026-57873 Vulnerability in dos (CVE-2026-57873)
vulnerability in dos (CVE-2026-57873). Risk of unauthorized operations or information disclosure.
CVE-2026-57874 Vulnerability in dos (CVE-2026-57874)
vulnerability in dos (CVE-2026-57874). Risk of unauthorized operations or information disclosure.
CVE-2026-57875 Vulnerability in dos (CVE-2026-57875)
vulnerability in dos (CVE-2026-57875). Risk of unauthorized operations or information disclosure.
CVE-2026-57876 Out-of-Bounds Write in dos (CVE-2026-57876)
out-of-bounds write in dos (CVE-2026-57876). Risk of unauthorized operations or information disclosure.
CVE-2026-10835 Vulnerability in wordpress (CVE-2026-10835)
vulnerability in wordpress (CVE-2026-10835). Confidential information can be exposed externally.
CVE-2025-10268 Vulnerability in wordpress (CVE-2025-10268)
vulnerability in wordpress (CVE-2025-10268). Risk of unauthorized operations or information disclosure.
CVE-2026-57872 Path Traversal in path-traversal (CVE-2026-57872)
path traversal in path-traversal (CVE-2026-57872). Confidential information can be exposed externally.
CVE-2026-12578 Unsafe Deserialization in cisa (CVE-2026-12578)
vulnerability in cisa (CVE-2026-12578). Risk of unauthorized operations or information disclosure.
CVE-2026-40702 Vulnerability in cisa (CVE-2026-40702)
vulnerability in cisa (CVE-2026-40702). Confidential information can be exposed externally.
CVE-2026-8661 Cross-Site Scripting (XSS) in CVE-2026-8661 (CVE-2026-8661)
cross-site scripting in CVE-2026-8661 (CVE-2026-8661). Risk of unauthorized operations or information disclosure.
CVE-2026-50740 Cross-Site Scripting (XSS) in revive-adserver (CVE-2026-50740)
cross-site scripting in revive-adserver (CVE-2026-50740). Risk of unauthorized operations or information disclosure.
CVE-2026-50742 Cross-Site Scripting (XSS) in revive-adserver (CVE-2026-50742)
cross-site scripting in revive-adserver (CVE-2026-50742). Risk of unauthorized operations or information disclosure.
CVE-2026-48618 Vulnerability in nodejs (CVE-2026-48618)
vulnerability in nodejs (CVE-2026-48618). Confidential information can be exposed externally.
CVE-2026-13226 SQL Injection in wordpress (CVE-2026-13226)
SQL injection in wordpress (CVE-2026-13226). Confidential information can be exposed externally.
CVE-2026-13318 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13318)
SSRF in ssrf (CVE-2026-13318). Risk of unauthorized operations or information disclosure.
CVE-2026-13083 Cross-Site Scripting (XSS) in redhat (CVE-2026-13083)
cross-site scripting in redhat (CVE-2026-13083). Confidential information can be exposed externally.
CVE-2026-12975 XXE (XML External Entity) in ssrf (CVE-2026-12975)
vulnerability in ssrf (CVE-2026-12975). Risk of unauthorized operations or information disclosure.
CVE-2026-11800 Vulnerability in privilege-escalation (CVE-2026-11800)
vulnerability in privilege-escalation (CVE-2026-11800). Confidential information can be exposed externally.
CVE-2025-71334 Vulnerability in flowiseai (CVE-2025-71334)
vulnerability in flowiseai (CVE-2025-71334). Successful exploitation can lead to full system takeover.
CVE-2025-71336 OS Command Injection in flowiseai (CVE-2025-71336)
OS command injection in flowiseai (CVE-2025-71336). Successful exploitation can lead to full system takeover.
CVE-2025-71338 Vulnerability in path-traversal (CVE-2025-71338)
vulnerability in path-traversal (CVE-2025-71338). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →