Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-39433 |
|
Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions.
Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions.
|
| CVE-2026-28615 |
|
Vulnerability in google (CVE-2026-28615)
vulnerability in google (CVE-2026-28615). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28587 |
|
Vulnerability in google (CVE-2026-28587)
vulnerability in google (CVE-2026-28587). Confidential information can be exposed externally.
|
| CVE-2026-27400 |
|
Unauthenticated Arbitrary File Deletion in BookPro <= 1.1.0 versions.
Unauthenticated Arbitrary File Deletion in BookPro <= 1.1.0 versions.
|
| CVE-2026-28575 |
|
Vulnerability in dos (CVE-2026-28575)
vulnerability in dos (CVE-2026-28575). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27869 |
|
Vulnerability in dos (CVE-2026-27869)
vulnerability in dos (CVE-2026-27869). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27429 |
|
Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions.
Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions.
|
| CVE-2026-27410 |
|
Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions.
Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions.
|
| CVE-2026-39443 |
|
Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.
Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.
|
| CVE-2026-39446 |
|
Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.
Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.
|
| CVE-2026-25470 |
|
Code Injection in wordpress (CVE-2026-25470)
code injection in wordpress (CVE-2026-25470). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12466 |
|
Vulnerability in google (CVE-2026-12466)
vulnerability in google (CVE-2026-12466). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24575 |
|
Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
|
| CVE-2026-24611 |
|
Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions.
Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions.
|
| CVE-2026-24610 |
|
Subscriber Broken Access Control in MetForm Pro <= 3.9.1 versions.
Subscriber Broken Access Control in MetForm Pro <= 3.9.1 versions.
|
| CVE-2026-22343 |
|
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
|
| CVE-2026-22334 |
|
Subscriber Arbitrary File Download in Woocommerce Book Price <= 1.3 versions.
Subscriber Arbitrary File Download in Woocommerce Book Price <= 1.3 versions.
|
| CVE-2026-12468 |
|
Vulnerability in google (CVE-2026-12468)
vulnerability in google (CVE-2026-12468). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22327 |
|
Subscriber Arbitrary File Upload in Restaurt <= 1.0.4 versions.
Subscriber Arbitrary File Upload in Restaurt <= 1.0.4 versions.
|
| CVE-2026-22342 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
|
| CVE-2026-22325 |
|
Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions.
Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions.
|
| CVE-2026-22338 |
|
Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions.
Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions.
|
| CVE-2026-22331 |
|
Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions.
Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions.
|
| CVE-2026-22330 |
|
Unauthenticated Local File Inclusion in Right Way <= 4.0 versions.
Unauthenticated Local File Inclusion in Right Way <= 4.0 versions.
|
| CVE-2026-22326 |
|
Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions.
Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions.
|
| CVE-2026-12467 |
|
Use-After-Free in Google chrome (CVE-2026-12467)
vulnerability in Google chrome (CVE-2026-12467). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22332 |
|
Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.
Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.
|
| CVE-2026-22335 |
|
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
|
| CVE-2026-22340 |
|
Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions.
Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions.
|
| CVE-2026-22328 |
|
Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
|
| CVE-2026-22339 |
|
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
|
| CVE-2026-22329 |
|
Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.
Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.
|
| CVE-2026-12451 |
|
Use-After-Free in google (CVE-2026-12451)
vulnerability in google (CVE-2026-12451). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12452 |
|
Use-After-Free in google (CVE-2026-12452)
vulnerability in google (CVE-2026-12452). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12464 |
|
Use-After-Free in google (CVE-2026-12464)
vulnerability in google (CVE-2026-12464). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12449 |
|
Use-After-Free in privilege-escalation (CVE-2026-12449)
vulnerability in privilege-escalation (CVE-2026-12449). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12462 |
|
Use-After-Free in google (CVE-2026-12462)
vulnerability in google (CVE-2026-12462). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12445 |
|
Use-After-Free in google (CVE-2026-12445)
vulnerability in google (CVE-2026-12445). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12443 |
|
Use-After-Free in google (CVE-2026-12443)
vulnerability in google (CVE-2026-12443). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12455 |
|
Use-After-Free in google (CVE-2026-12455)
vulnerability in google (CVE-2026-12455). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12459 |
|
Cross-Site Scripting (XSS) in google (CVE-2026-12459)
cross-site scripting in google (CVE-2026-12459). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12463 |
|
Cross-Site Scripting (XSS) in google (CVE-2026-12463)
cross-site scripting in google (CVE-2026-12463). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12461 |
|
Out-of-Bounds Read in google (CVE-2026-12461)
vulnerability in google (CVE-2026-12461). Confidential information can be exposed externally.
|
| CVE-2026-12444 |
|
Out-of-Bounds Read in google (CVE-2026-12444)
vulnerability in google (CVE-2026-12444). Confidential information can be exposed externally.
|
| CVE-2026-12453 |
|
Vulnerability in google (CVE-2026-12453)
vulnerability in google (CVE-2026-12453). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12456 |
|
Vulnerability in google (CVE-2026-12456)
vulnerability in google (CVE-2026-12456). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12465 |
|
Vulnerability in google (CVE-2026-12465)
vulnerability in google (CVE-2026-12465). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12446 |
|
Authorization Flaw in google (CVE-2026-12446)
vulnerability in google (CVE-2026-12446). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12447 |
|
Vulnerability in google (CVE-2026-12447)
vulnerability in google (CVE-2026-12447). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12454 |
|
Vulnerability in google (CVE-2026-12454)
vulnerability in google (CVE-2026-12454). Successful exploitation can lead to full system takeover.
|