Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-13040 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-13040)
cross-site scripting in wordpress (CVE-2026-13040). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9676 |
|
Vulnerability in wordpress (CVE-2026-9676)
vulnerability in wordpress (CVE-2026-9676). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6292 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6292)
vulnerability in wordpress (CVE-2026-6292). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7859 |
|
Vulnerability in wordpress (CVE-2026-7859)
vulnerability in wordpress (CVE-2026-7859). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10034 |
|
Vulnerability in wordpress (CVE-2026-10034)
vulnerability in wordpress (CVE-2026-10034). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22342 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
|
| CVE-2016-20083 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20083)
vulnerability in wordpress (CVE-2016-20083). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11603 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11603)
cross-site scripting in wordpress (CVE-2026-11603). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10553 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-10553)
vulnerability in wordpress (CVE-2026-10553). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6455 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6455)
vulnerability in wordpress (CVE-2026-6455). Data can be tampered with by attackers.
|
| CVE-2026-7533 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7533)
vulnerability in wordpress (CVE-2026-7533). Risk of unauthorized operations or information disclosure. Exploitable via ``admin_init``.
|
| CVE-2026-35220 |
|
Cross-Site Request Forgery (CSRF) in joomla (CVE-2026-35220)
vulnerability in joomla (CVE-2026-35220). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.1.1` or later.
|
| CVE-2026-8174 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8174)
vulnerability in wordpress (CVE-2026-8174). Data can be tampered with by attackers.
|
| CVE-2026-6405 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6405)
vulnerability in wordpress (CVE-2026-6405). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4094 |
|
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to...
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to...
|
| CVE-2017-1000224 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-1000224)
vulnerability in wordpress (CVE-2017-1000224). Data can be tampered with by attackers.
|
| CVE-2015-5533 |
|
SQL Injection in wordpress (CVE-2015-5533)
SQL injection in wordpress (CVE-2015-5533). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15808 |
|
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
|
| CVE-2017-15734 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
|
| CVE-2017-15733 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15733)
vulnerability in csrf (CVE-2017-15733). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15732 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
|
| CVE-2017-15731 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
|
| CVE-2017-15730 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
|
| CVE-2017-15729 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
|
| CVE-2017-15735 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
|
| CVE-2015-9233 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-9233)
vulnerability in wordpress (CVE-2015-9233). Successful exploitation can lead to full system takeover.
|
| CVE-2015-4089 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-4089)
vulnerability in wordpress (CVE-2015-4089). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14530 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-14530)
vulnerability in wordpress (CVE-2017-14530). Successful exploitation can lead to full system takeover.
|
| CVE-2015-4697 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-4697)
vulnerability in wordpress (CVE-2015-4697). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12949 |
|
SQL Injection in wordpress (CVE-2017-12949)
SQL injection in wordpress (CVE-2017-12949). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12651 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-12651)
vulnerability in wordpress (CVE-2017-12651). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
|
| CVE-2017-9934 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2017-9934)
cross-site scripting in csrf (CVE-2017-9934). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4904 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-4904)
vulnerability in wordpress (CVE-2016-4904). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9064 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-9064)
vulnerability in wordpress (CVE-2017-9064). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8875 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-8875)
vulnerability in wordpress (CVE-2017-8875). Data can be tampered with by attackers.
|
| CVE-2017-8100 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-8100)
vulnerability in wordpress (CVE-2017-8100). Data can be tampered with by attackers.
|
| CVE-2017-8099 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-8099)
vulnerability in wordpress (CVE-2017-8099). Data can be tampered with by attackers.
|
| CVE-2017-6379 |
|
Cross-Site Request Forgery (CSRF) in drupal (CVE-2017-6379)
vulnerability in drupal (CVE-2017-6379). Successful exploitation can lead to full system takeover.
|
| CVE-2017-6819 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-6819)
vulnerability in wordpress (CVE-2017-6819). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6897 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-6897)
vulnerability in wordpress (CVE-2016-6897). Confidential information can be exposed externally.
|
| CVE-2017-5492 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-5492)
vulnerability in wordpress (CVE-2017-5492). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5489 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-5489)
vulnerability in wordpress (CVE-2017-5489). Successful exploitation can lead to full system takeover.
|