Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2016-20084 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2016-20084)
cross-site scripting in wordpress (CVE-2016-20084). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-25436 |
|
Unrestricted File Upload in wordpress (CVE-2018-25436)
vulnerability in wordpress (CVE-2018-25436). Successful exploitation can lead to full system takeover.
|
| CVE-2018-25437 |
|
Vulnerability in wordpress (CVE-2018-25437)
vulnerability in wordpress (CVE-2018-25437). Confidential information can be exposed externally.
|
| CVE-2019-25746 |
|
SQL Injection in wordpress (CVE-2019-25746)
SQL injection in wordpress (CVE-2019-25746). Confidential information can be exposed externally.
|
| CVE-2016-20077 |
|
Vulnerability in wordpress (CVE-2016-20077)
vulnerability in wordpress (CVE-2016-20077). Confidential information can be exposed externally.
|
| CVE-2016-20078 |
|
Vulnerability in wordpress (CVE-2016-20078)
vulnerability in wordpress (CVE-2016-20078). Confidential information can be exposed externally.
|
| CVE-2016-20079 |
|
Vulnerability in wordpress (CVE-2016-20079)
vulnerability in wordpress (CVE-2016-20079). Confidential information can be exposed externally.
|
| CVE-2016-20080 |
|
Vulnerability in wordpress (CVE-2016-20080)
vulnerability in wordpress (CVE-2016-20080). Confidential information can be exposed externally.
|
| CVE-2016-20081 |
|
Path Traversal in wordpress (CVE-2016-20081)
path traversal in wordpress (CVE-2016-20081). Confidential information can be exposed externally.
|
| CVE-2016-20082 |
|
Vulnerability in wordpress (CVE-2016-20082)
vulnerability in wordpress (CVE-2016-20082). Confidential information can be exposed externally.
|
| CVE-2016-20083 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20083)
vulnerability in wordpress (CVE-2016-20083). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20070 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2016-20070)
cross-site scripting in wordpress (CVE-2016-20070). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20073 |
|
SQL Injection in wordpress (CVE-2016-20073)
SQL injection in wordpress (CVE-2016-20073). Confidential information can be exposed externally.
|
| CVE-2016-20074 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20074)
vulnerability in wordpress (CVE-2016-20074). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20075 |
|
Authorization Flaw in wordpress (CVE-2016-20075)
vulnerability in wordpress (CVE-2016-20075). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20076 |
|
Path Traversal in wordpress (CVE-2016-20076)
path traversal in wordpress (CVE-2016-20076). Confidential information can be exposed externally.
|
| CVE-2016-20068 |
|
SQL Injection in wordpress (CVE-2016-20068)
SQL injection in wordpress (CVE-2016-20068). Confidential information can be exposed externally.
|
| CVE-2016-20066 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2016-20066)
cross-site scripting in wordpress (CVE-2016-20066). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5482 |
|
Unrestricted File Upload in CVE-2026-5482 (CVE-2026-5482)
vulnerability in CVE-2026-5482 (CVE-2026-5482). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12057 |
|
Vulnerability in foxit (CVE-2026-12057)
vulnerability in foxit (CVE-2026-12057). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12216 |
|
Buffer Overflow in c (CVE-2026-12216)
vulnerability in c (CVE-2026-12216). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12204 |
|
Vulnerability in CVE-2026-12204 (CVE-2026-12204)
vulnerability in CVE-2026-12204 (CVE-2026-12204). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12207 |
|
Vulnerability in CVE-2026-12207 (CVE-2026-12207)
vulnerability in CVE-2026-12207 (CVE-2026-12207). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12210 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-12210 (CVE-2026-12210)
SSRF in CVE-2026-12210 (CVE-2026-12210). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12208 |
|
Code Injection in CVE-2026-12208 (CVE-2026-12208)
code injection in CVE-2026-12208 (CVE-2026-12208). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12209 |
|
Code Injection in CVE-2026-12209 (CVE-2026-12209)
code injection in CVE-2026-12209 (CVE-2026-12209). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12191 |
|
Vulnerability in deserialization (CVE-2026-12191)
vulnerability in deserialization (CVE-2026-12191). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54413 |
|
Out-of-Bounds Read in c (CVE-2026-54413)
vulnerability in c (CVE-2026-54413). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54412 |
|
Out-of-Bounds Read in c (CVE-2026-54412)
vulnerability in c (CVE-2026-54412). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54411 |
|
Vulnerability in c (CVE-2026-54411)
vulnerability in c (CVE-2026-54411). Confidential information can be exposed externally.
|
| CVE-2026-12175 |
|
Vulnerability in sqli (CVE-2026-12175)
vulnerability in sqli (CVE-2026-12175). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12176 |
|
Cross-Site Scripting (XSS) in CVE-2026-12176 (CVE-2026-12176)
cross-site scripting in CVE-2026-12176 (CVE-2026-12176). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12183 |
|
Authentication Bypass in CVE-2026-12183 (CVE-2026-12183)
authentication bypass in CVE-2026-12183 (CVE-2026-12183). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9134 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9134)
cross-site scripting in wordpress (CVE-2026-9134). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9109 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9109)
cross-site scripting in wordpress (CVE-2026-9109). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9062 |
|
Path Traversal in wordpress (CVE-2026-9062)
path traversal in wordpress (CVE-2026-9062). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54090 |
|
Command Injection in github.com/filebrowser/filebrowser/v2 (CVE-2026-54090)
command injection in github.com/filebrowser/filebrowser/v2 (CVE-2026-54090). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/login`. Mitigation: upgrade to `2.33.10` or later.
|
| CVE-2026-53826 |
|
Vulnerability in c (CVE-2026-53826)
vulnerability in c (CVE-2026-53826). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53608 |
|
Cross-Site Scripting (XSS) in CVE-2026-53608 (CVE-2026-53608)
cross-site scripting in CVE-2026-53608 (CVE-2026-53608). Confidential information can be exposed externally. Exploitable via ``seoGoogleTrackingId``.
|
| CVE-2026-53609 |
|
Vulnerability in CVE-2026-53609 (CVE-2026-53609)
vulnerability in CVE-2026-53609 (CVE-2026-53609). Confidential information can be exposed externally. Exploitable via ``__proto__``.
|
| CVE-2026-12131 |
|
Vulnerability in sqli (CVE-2026-12131)
vulnerability in sqli (CVE-2026-12131). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7008 |
|
Out-of-Bounds Read in csharp (CVE-2025-7008)
vulnerability in csharp (CVE-2025-7008). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54362 |
|
Authorization Flaw in CVE-2026-54362 (CVE-2026-54362)
vulnerability in CVE-2026-54362 (CVE-2026-54362). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54393 |
|
Cross-Site Scripting (XSS) in CVE-2026-54393 (CVE-2026-54393)
cross-site scripting in CVE-2026-54393 (CVE-2026-54393). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54395 |
|
Cross-Site Scripting (XSS) in CVE-2026-54395 (CVE-2026-54395)
cross-site scripting in CVE-2026-54395 (CVE-2026-54395). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53606 |
|
Cross-Site Scripting (XSS) in CVE-2026-53606 (CVE-2026-53606)
cross-site scripting in CVE-2026-53606 (CVE-2026-53606). Risk of unauthorized operations or information disclosure. Exploitable via ``allowedSchemesAppliedToAttributes``.
|
| CVE-2026-53607 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-53607)
SSRF in ssrf (CVE-2026-53607). Risk of unauthorized operations or information disclosure. Exploitable via ``Host``.
|
| CVE-2026-45014 |
|
Cross-Site Scripting (XSS) in CVE-2026-45014 (CVE-2026-45014)
cross-site scripting in CVE-2026-45014 (CVE-2026-45014). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44311 |
|
Cross-Site Scripting (XSS) in fabric (CVE-2026-44311)
cross-site scripting in fabric (CVE-2026-44311). Risk of unauthorized operations or information disclosure. Exploitable via ``color``. Mitigation: upgrade to `7.4.0` or later.
|
| CVE-2026-54360 |
|
Vulnerability in CVE-2026-54360 (CVE-2026-54360)
vulnerability in CVE-2026-54360 (CVE-2026-54360). Risk of unauthorized operations or information disclosure.
|