Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: web-frameworks Clear
ID Title
CVE-2026-10024 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10024)
cross-site scripting in wordpress (CVE-2026-10024). Risk of unauthorized operations or information disclosure.
CVE-2026-10553 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-10553)
vulnerability in wordpress (CVE-2026-10553). Risk of unauthorized operations or information disclosure.
CVE-2026-10738 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10738)
cross-site scripting in wordpress (CVE-2026-10738). Risk of unauthorized operations or information disclosure.
CVE-2026-5714 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5714)
cross-site scripting in wordpress (CVE-2026-5714). Risk of unauthorized operations or information disclosure.
CVE-2026-7556 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7556)
cross-site scripting in wordpress (CVE-2026-7556). Risk of unauthorized operations or information disclosure.
CVE-2026-10862 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10862)
cross-site scripting in wordpress (CVE-2026-10862). Risk of unauthorized operations or information disclosure.
CVE-2026-40519 OS Command Injection in nginx (CVE-2026-40519)
OS command injection in nginx (CVE-2026-40519). Successful exploitation can lead to full system takeover.
CVE-2026-49975 Vulnerability in apache (CVE-2026-49975)
vulnerability in apache (CVE-2026-49975). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-48913 Use-After-Free in apache (CVE-2026-48913)
vulnerability in apache (CVE-2026-48913). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-44631 Vulnerability in apache (CVE-2026-44631)
vulnerability in apache (CVE-2026-44631). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-44186 Vulnerability in apache (CVE-2026-44186)
vulnerability in apache (CVE-2026-44186). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-44185 Vulnerability in apache (CVE-2026-44185)
vulnerability in apache (CVE-2026-44185). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-44119 Privilege Escalation in apache (CVE-2026-44119)
vulnerability in apache (CVE-2026-44119). Confidential information can be exposed externally. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-43951 Out-of-Bounds Read in apache (CVE-2026-43951)
vulnerability in apache (CVE-2026-43951). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-42536 Vulnerability in apache (CVE-2026-42536)
vulnerability in apache (CVE-2026-42536). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-42535 Vulnerability in apache (CVE-2026-42535)
vulnerability in apache (CVE-2026-42535). Data can be tampered with by attackers. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-34356 Vulnerability in apache (CVE-2026-34356)
vulnerability in apache (CVE-2026-34356). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-34355 Vulnerability in apache (CVE-2026-34355)
vulnerability in apache (CVE-2026-34355). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-29170 Cross-Site Scripting (XSS) in apache (CVE-2026-29170)
cross-site scripting in apache (CVE-2026-29170). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-29167 Use-After-Free in apache (CVE-2026-29167)
vulnerability in apache (CVE-2026-29167). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-47430 Vulnerability in cordova-plugin-inappbrowser (CVE-2026-47430)
vulnerability in cordova-plugin-inappbrowser (CVE-2026-47430). Data can be tampered with by attackers. Exploitable via ``WKScriptMessage``. Mitigation: upgrade to `6.0.1` or later.
CVE-2026-3011 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3011)
cross-site scripting in wordpress (CVE-2026-3011). Risk of unauthorized operations or information disclosure.
CVE-2022-50953 Path Traversal in wordpress (CVE-2022-50953)
path traversal in wordpress (CVE-2022-50953). Confidential information can be exposed externally.
CVE-2021-47984 Cross-Site Scripting (XSS) in wordpress (CVE-2021-47984)
cross-site scripting in wordpress (CVE-2021-47984). Risk of unauthorized operations or information disclosure.
CVE-2021-47983 Cross-Site Scripting (XSS) in c (CVE-2021-47983)
cross-site scripting in c (CVE-2021-47983). Risk of unauthorized operations or information disclosure.
CVE-2024-58348 Unrestricted File Upload in wordpress (CVE-2024-58348)
vulnerability in wordpress (CVE-2024-58348). Successful exploitation can lead to full system takeover.
CVE-2023-54352 Vulnerability in wordpress (CVE-2023-54352)
vulnerability in wordpress (CVE-2023-54352). Successful exploitation can lead to full system takeover.
CVE-2023-54351 Cross-Site Scripting (XSS) in wordpress (CVE-2023-54351)
cross-site scripting in wordpress (CVE-2023-54351). Risk of unauthorized operations or information disclosure.
CVE-2023-54350 Vulnerability in c (CVE-2023-54350)
vulnerability in c (CVE-2023-54350). Confidential information can be exposed externally.
CVE-2021-47982 Cross-Site Scripting (XSS) in wordpress (CVE-2021-47982)
cross-site scripting in wordpress (CVE-2021-47982). Risk of unauthorized operations or information disclosure.
CVE-2024-58349 Unrestricted File Upload in wordpress (CVE-2024-58349)
vulnerability in wordpress (CVE-2024-58349). Successful exploitation can lead to full system takeover.
CVE-2026-8839 Vulnerability in wordpress (CVE-2026-8839)
vulnerability in wordpress (CVE-2026-8839). Risk of unauthorized operations or information disclosure. Exploitable via ``edit_posts``.
CVE-2026-8611 Vulnerability in wordpress (CVE-2026-8611)
vulnerability in wordpress (CVE-2026-8611). Risk of unauthorized operations or information disclosure.
CVE-2026-9016 Vulnerability in wordpress (CVE-2026-9016)
vulnerability in wordpress (CVE-2026-9016). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_ajax_nopriv_log_js_errors``.
CVE-2026-9851 Vulnerability in wordpress (CVE-2026-9851)
vulnerability in wordpress (CVE-2026-9851). Successful exploitation can lead to full system takeover.
CVE-2026-9594 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9594)
cross-site scripting in wordpress (CVE-2026-9594). Risk of unauthorized operations or information disclosure.
CVE-2026-9829 SQL Injection in wordpress (CVE-2026-9829)
SQL injection in wordpress (CVE-2026-9829). Confidential information can be exposed externally.
CVE-2026-7624 Vulnerability in wordpress (CVE-2026-7624)
vulnerability in wordpress (CVE-2026-7624). Risk of unauthorized operations or information disclosure. Exploitable via ``sq_manage_settings``.
CVE-2026-7796 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7796)
cross-site scripting in wordpress (CVE-2026-7796). Risk of unauthorized operations or information disclosure.
CVE-2026-8502 Vulnerability in wordpress (CVE-2026-8502)
vulnerability in wordpress (CVE-2026-8502). Risk of unauthorized operations or information disclosure.
CVE-2026-8978 SQL Injection in wordpress (CVE-2026-8978)
SQL injection in wordpress (CVE-2026-8978). Confidential information can be exposed externally.
CVE-2026-8991 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8991)
cross-site scripting in wordpress (CVE-2026-8991). Risk of unauthorized operations or information disclosure.
CVE-2026-9197 Path Traversal in wordpress (CVE-2026-9197)
path traversal in wordpress (CVE-2026-9197). Confidential information can be exposed externally.
CVE-2026-9280 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9280)
cross-site scripting in wordpress (CVE-2026-9280). Risk of unauthorized operations or information disclosure.
CVE-2026-7665 Vulnerability in wordpress (CVE-2026-7665)
vulnerability in wordpress (CVE-2026-7665). Risk of unauthorized operations or information disclosure.
CVE-2026-7792 Vulnerability in wordpress (CVE-2026-7792)
vulnerability in wordpress (CVE-2026-7792). Risk of unauthorized operations or information disclosure.
CVE-2026-7795 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7795)
cross-site scripting in wordpress (CVE-2026-7795). Risk of unauthorized operations or information disclosure.
CVE-2026-7566 Unsafe Deserialization in wordpress (CVE-2026-7566)
vulnerability in wordpress (CVE-2026-7566). Successful exploitation can lead to full system takeover.
CVE-2026-7565 Path Traversal in wordpress (CVE-2026-7565)
path traversal in wordpress (CVE-2026-7565). Confidential information can be exposed externally.
CVE-2026-7537 Unrestricted File Upload in wordpress (CVE-2026-7537)
vulnerability in wordpress (CVE-2026-7537). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →