Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-11962 |
|
Vulnerability in wordpress (CVE-2026-11962)
vulnerability in wordpress (CVE-2026-11962). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11855 |
|
Vulnerability in wordpress (CVE-2026-11855)
vulnerability in wordpress (CVE-2026-11855). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11766 |
|
Vulnerability in wordpress (CVE-2026-11766)
vulnerability in wordpress (CVE-2026-11766). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10830 |
|
Vulnerability in wordpress (CVE-2026-10830)
vulnerability in wordpress (CVE-2026-10830). Successful exploitation can lead to full system takeover.
|
| CVE-2024-6228 |
|
Vulnerability in wordpress (CVE-2024-6228)
vulnerability in wordpress (CVE-2024-6228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5137 |
|
Vulnerability in wordpress (CVE-2026-5137)
vulnerability in wordpress (CVE-2026-5137). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47896 |
|
Path Traversal in csharp (CVE-2026-47896)
path traversal in csharp (CVE-2026-47896). Confidential information can be exposed externally.
|
| CVE-2026-9756 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9756)
cross-site scripting in wordpress (CVE-2026-9756). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4804 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-4804)
cross-site scripting in wordpress (CVE-2026-4804). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11900 |
|
Vulnerability in wordpress (CVE-2026-11900)
vulnerability in wordpress (CVE-2026-11900). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11778 |
|
Code Injection in wordpress (CVE-2026-11778)
code injection in wordpress (CVE-2026-11778). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11398 |
|
Vulnerability in wordpress (CVE-2026-11398)
vulnerability in wordpress (CVE-2026-11398). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9230 |
|
Vulnerability in wordpress (CVE-2026-9230)
vulnerability in wordpress (CVE-2026-9230). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9148 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9148)
cross-site scripting in wordpress (CVE-2026-9148). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8351 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8351)
cross-site scripting in wordpress (CVE-2026-8351). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47897 |
|
Path Traversal in csharp (CVE-2026-47897)
path traversal in csharp (CVE-2026-47897). Data can be tampered with by attackers.
|
| CVE-2026-47898 |
|
XXE (XML External Entity) in csharp (CVE-2026-47898)
vulnerability in csharp (CVE-2026-47898). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9725 |
|
Path Traversal in wordpress (CVE-2026-9725)
path traversal in wordpress (CVE-2026-9725). Data can be tampered with by attackers.
|
| CVE-2026-9626 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9626)
cross-site scripting in wordpress (CVE-2026-9626). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9180 |
|
Vulnerability in wordpress (CVE-2026-9180)
vulnerability in wordpress (CVE-2026-9180). Risk of unauthorized operations or information disclosure. Exploitable via `POST /motopress/appointment/v1/bookings`.
|
| CVE-2026-8892 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8892)
cross-site scripting in wordpress (CVE-2026-8892). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8489 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8489)
cross-site scripting in wordpress (CVE-2026-8489). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14352 |
|
Path Traversal in wordpress (CVE-2026-14352)
path traversal in wordpress (CVE-2026-14352). Confidential information can be exposed externally. Exploitable via `Referer header`.
|
| CVE-2026-13040 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-13040)
cross-site scripting in wordpress (CVE-2026-13040). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12557 |
|
Vulnerability in wordpress (CVE-2026-12557)
vulnerability in wordpress (CVE-2026-12557). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11397 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11397)
SSRF in wordpress (CVE-2026-11397). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14327 |
|
Path Traversal in wordpress (CVE-2026-14327)
path traversal in wordpress (CVE-2026-14327). Confidential information can be exposed externally.
|
| CVE-2026-12920 |
|
SQL Injection in wordpress (CVE-2026-12920)
SQL injection in wordpress (CVE-2026-12920). Confidential information can be exposed externally.
|
| CVE-2026-12729 |
|
Vulnerability in wordpress (CVE-2026-12729)
vulnerability in wordpress (CVE-2026-12729). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12731 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-12731)
cross-site scripting in wordpress (CVE-2026-12731). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12734 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-12734)
cross-site scripting in wordpress (CVE-2026-12734). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58460 |
|
Path Traversal in react (CVE-2026-58460)
path traversal in react (CVE-2026-58460). Data can be tampered with by attackers.
|
| CVE-2026-59102 |
|
Cross-Site Scripting (XSS) in vue (CVE-2026-59102)
cross-site scripting in vue (CVE-2026-59102). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58467 |
|
Path Traversal in nginx (CVE-2026-58467)
path traversal in nginx (CVE-2026-58467). Confidential information can be exposed externally.
|
| CVE-2026-7311 |
|
Path Traversal in wordpress (CVE-2026-7311)
path traversal in wordpress (CVE-2026-7311). Data can be tampered with by attackers.
|
| CVE-2026-5524 |
|
Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45045 |
|
Vulnerability in github.com/gofiber/fiber/v3 (CVE-2026-45045)
vulnerability in github.com/gofiber/fiber/v3 (CVE-2026-45045). Risk of unauthorized operations or information disclosure. Exploitable via ``BalancerForward``. Mitigation: upgrade to `3.3.0` or later.
|
| CVE-2026-44332 |
|
Vulnerability in github.com/gofiber/fiber/v3 (CVE-2026-44332)
vulnerability in github.com/gofiber/fiber/v3 (CVE-2026-44332). Risk of unauthorized operations or information disclosure. Exploitable via ``Authorizer``. Mitigation: upgrade to `3.3.0` or later.
|
| CVE-2026-57685 |
|
Vulnerability in wordpress (CVE-2026-57685)
vulnerability in wordpress (CVE-2026-57685). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27402 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-27402)
cross-site scripting in wordpress (CVE-2026-27402). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69152 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2025-69152)
cross-site scripting in wordpress (CVE-2025-69152). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69134 |
|
Vulnerability in wordpress (CVE-2025-69134)
vulnerability in wordpress (CVE-2025-69134). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69154 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2025-69154)
cross-site scripting in wordpress (CVE-2025-69154). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69156 |
|
Unauthenticated Cross Site Scripting (XSS) in Kids Zone - Children WordPress Theme <= 5.4 versions.
Unauthenticated Cross Site Scripting (XSS) in Kids Zone - Children WordPress Theme <= 5.4 versions.
|
| CVE-2025-69155 |
|
Unauthenticated Cross Site Scripting (XSS) in Fitness Zone WordPress Theme <= 5.7 versions.
Unauthenticated Cross Site Scripting (XSS) in Fitness Zone WordPress Theme <= 5.7 versions.
|
| CVE-2026-9834 |
|
Command Injection in wordpress (CVE-2026-9834)
command injection in wordpress (CVE-2026-9834). Successful exploitation can lead to full system takeover. Exploitable via ``wp_db_exclude_table``.
|
| CVE-2026-13252 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-13252)
cross-site scripting in wordpress (CVE-2026-13252). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13459 |
|
Vulnerability in wordpress (CVE-2026-13459)
vulnerability in wordpress (CVE-2026-13459). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14029 |
|
SQL Injection in wordpress (CVE-2026-14029)
SQL injection in wordpress (CVE-2026-14029). Confidential information can be exposed externally.
|
| CVE-2026-9188 |
|
Vulnerability in wordpress (CVE-2026-9188)
vulnerability in wordpress (CVE-2026-9188). Risk of unauthorized operations or information disclosure. Exploitable via ``appointmentkey``.
|