Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-9082 KEV |
|
[KEV] SQL Injection in drupal/core (CVE-2026-9082)
SQL injection in drupal/core (CVE-2026-9082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `10.4.10, 10.5.10, 10.6.9, 11.1.10, 11.2.12, 11.3.10` or later.
|
| CVE-2026-41940 KEV |
|
[KEV] Vulnerability in Webpros cpanel-whm-and-wp2-wordpress-squared (CVE-2026-41940)
vulnerability in Webpros cpanel-whm-and-wp2-wordpress-squared (CVE-2026-41940). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-54236 KEV |
|
[KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
|
| CVE-2023-23752 KEV |
|
[KEV] Vulnerability in Joomla! joomla (CVE-2023-23752)
vulnerability in Joomla! joomla (CVE-2023-23752). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-7602 KEV |
|
[KEV] Vulnerability in Drupal core (CVE-2018-7602)
vulnerability in Drupal core (CVE-2018-7602). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-6340 KEV |
|
[KEV] Unsafe Deserialization in Drupal core (CVE-2019-6340)
vulnerability in Drupal core (CVE-2019-6340). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-13671 KEV |
|
[KEV] Unrestricted File Upload in drupal (CVE-2020-13671)
vulnerability in drupal (CVE-2020-13671). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-25213 KEV |
|
[KEV] Unrestricted File Upload in Wordpress file-manager-plugin (CVE-2020-25213)
vulnerability in Wordpress file-manager-plugin (CVE-2020-25213). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-11738 KEV |
|
[KEV] Path Traversal in Wordpress snap-creek-duplicator-plugin (CVE-2020-11738)
path traversal in Wordpress snap-creek-duplicator-plugin (CVE-2020-11738). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-9978 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Wordpress social-warfare-plugin (CVE-2019-9978)
cross-site scripting in Wordpress social-warfare-plugin (CVE-2019-9978). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-7600 KEV |
|
[KEV] Vulnerability in drupal (CVE-2018-7600)
vulnerability in drupal (CVE-2018-7600). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|