Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-27395 |
|
Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions.
Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions.
|
| CVE-2026-39438 |
|
Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions.
Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions.
|
| CVE-2026-28576 |
|
SQL Injection in sqli (CVE-2026-28576)
SQL injection in sqli (CVE-2026-28576). Confidential information can be exposed externally.
|
| CVE-2026-2604 |
|
Vulnerability in path-traversal (CVE-2026-2604)
vulnerability in path-traversal (CVE-2026-2604). Data can be tampered with by attackers.
|
| CVE-2026-27869 |
|
Vulnerability in dos (CVE-2026-27869)
vulnerability in dos (CVE-2026-27869). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28575 |
|
Vulnerability in dos (CVE-2026-28575)
vulnerability in dos (CVE-2026-28575). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27410 |
|
Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions.
Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions.
|
| CVE-2026-22328 |
|
Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
|
| CVE-2026-22339 |
|
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
|
| CVE-2026-22329 |
|
Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.
Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.
|
| CVE-2026-22342 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
|
| CVE-2026-22332 |
|
Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.
Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.
|
| CVE-2026-22335 |
|
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
|
| CVE-2026-22340 |
|
Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions.
Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions.
|
| CVE-2026-12449 |
|
Use-After-Free in privilege-escalation (CVE-2026-12449)
vulnerability in privilege-escalation (CVE-2026-12449). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12448 |
|
Privilege Escalation in privilege-escalation (CVE-2026-12448)
vulnerability in privilege-escalation (CVE-2026-12448). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11975 |
|
Cross-Site Scripting (XSS) in CVE-2026-11975 (CVE-2026-11975)
cross-site scripting in CVE-2026-11975 (CVE-2026-11975). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12165 |
|
Privilege Escalation in wordpress (CVE-2026-12165)
vulnerability in wordpress (CVE-2026-12165). Successful exploitation can lead to full system takeover. Exploitable via ``RegistryUserRole``.
|
| CVE-2026-11858 |
|
Vulnerability in csharp (CVE-2026-11858)
vulnerability in csharp (CVE-2026-11858). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11857 |
|
Unsafe Deserialization in csharp (CVE-2026-11857)
vulnerability in csharp (CVE-2026-11857). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12360 |
|
SQL Injection in wordpress (CVE-2026-12360)
SQL injection in wordpress (CVE-2026-12360). Confidential information can be exposed externally.
|
| CVE-2026-10094 |
|
Path Traversal in path-traversal (CVE-2026-10094)
path traversal in path-traversal (CVE-2026-10094). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12199 |
|
Vulnerability in dos (CVE-2026-12199)
vulnerability in dos (CVE-2026-12199). Risk of unauthorized operations or information disclosure. Exploitable via ``nltk.app.wordnet_app``.
|
| CVE-2026-0064 |
|
Vulnerability in dos (CVE-2026-0064)
vulnerability in dos (CVE-2026-0064). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12115 |
|
Unsafe Deserialization in wordpress (CVE-2026-12115)
vulnerability in wordpress (CVE-2026-12115). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69151 |
|
Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.
Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.
|
| CVE-2025-69179 |
|
Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions.
Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions.
|
| CVE-2025-69135 |
|
Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions.
Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions.
|
| CVE-2025-69104 |
|
Unauthenticated Cross Site Scripting (XSS) in Qreatix <= 1.9.4 versions.
Unauthenticated Cross Site Scripting (XSS) in Qreatix <= 1.9.4 versions.
|
| CVE-2025-69138 |
|
Subscriber Privilege Escalation in Genemy <= 1.6.6 versions.
Subscriber Privilege Escalation in Genemy <= 1.6.6 versions.
|
| CVE-2025-59560 |
|
Unauthenticated Cross Site Scripting (XSS) in Sonaar <= 4.27.4 versions.
Unauthenticated Cross Site Scripting (XSS) in Sonaar <= 4.27.4 versions.
|
| CVE-2024-49269 |
|
Unauthenticated Cross Site Scripting (XSS) in my flatonica <= 0.0.8 versions.
Unauthenticated Cross Site Scripting (XSS) in my flatonica <= 0.0.8 versions.
|
| CVE-2025-31013 |
|
Cross-Site Scripting (XSS) in CVE-2025-31013 (CVE-2025-31013)
cross-site scripting in CVE-2025-31013 (CVE-2025-31013). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-34810 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-34810)
vulnerability in csrf (CVE-2024-34810). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-35648 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-35648)
vulnerability in csrf (CVE-2024-35648). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-59563 |
|
Subscriber Privilege Escalation in Sonaar <= 4.27.4 versions.
Subscriber Privilege Escalation in Sonaar <= 4.27.4 versions.
|
| CVE-2024-32729 |
|
Path Traversal in path-traversal (CVE-2024-32729)
path traversal in path-traversal (CVE-2024-32729). Confidential information can be exposed externally.
|
| CVE-2026-46932 |
|
Vulnerability in c (CVE-2026-46932)
vulnerability in c (CVE-2026-46932). Confidential information can be exposed externally.
|
| CVE-2026-46914 |
|
Privilege Escalation in c (CVE-2026-46914)
vulnerability in c (CVE-2026-46914). Confidential information can be exposed externally.
|
| CVE-2026-46910 |
|
Vulnerability in c (CVE-2026-46910)
vulnerability in c (CVE-2026-46910). Confidential information can be exposed externally.
|
| CVE-2026-46897 |
|
Vulnerability in c (CVE-2026-46897)
vulnerability in c (CVE-2026-46897). Confidential information can be exposed externally.
|
| CVE-2026-46901 |
|
Privilege Escalation in c (CVE-2026-46901)
vulnerability in c (CVE-2026-46901). Confidential information can be exposed externally.
|
| CVE-2026-46866 |
|
Vulnerability in c (CVE-2026-46866)
vulnerability in c (CVE-2026-46866). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46872 |
|
Vulnerability in c (CVE-2026-46872)
vulnerability in c (CVE-2026-46872). Data can be tampered with by attackers.
|
| CVE-2026-46863 |
|
Vulnerability in c (CVE-2026-46863)
vulnerability in c (CVE-2026-46863). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46858 |
|
Vulnerability in c (CVE-2026-46858)
vulnerability in c (CVE-2026-46858). Data can be tampered with by attackers.
|
| CVE-2026-46862 |
|
Vulnerability in c (CVE-2026-46862)
vulnerability in c (CVE-2026-46862). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46776 |
|
Vulnerability in c (CVE-2026-46776)
vulnerability in c (CVE-2026-46776). Data can be tampered with by attackers.
|
| CVE-2026-46768 |
|
Vulnerability in c (CVE-2026-46768)
vulnerability in c (CVE-2026-46768). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35314 |
|
Vulnerability in c (CVE-2026-35314)
vulnerability in c (CVE-2026-35314). Risk of unauthorized operations or information disclosure.
|