Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: web-frameworks Clear
ID Title
CVE-2026-7617 Vulnerability in wordpress (CVE-2026-7617)
vulnerability in wordpress (CVE-2026-7617). Risk of unauthorized operations or information disclosure.
CVE-2026-8614 Vulnerability in wordpress (CVE-2026-8614)
vulnerability in wordpress (CVE-2026-8614). Risk of unauthorized operations or information disclosure.
CVE-2026-8617 Vulnerability in wordpress (CVE-2026-8617)
vulnerability in wordpress (CVE-2026-8617). Risk of unauthorized operations or information disclosure.
CVE-2026-8622 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8622)
cross-site scripting in wordpress (CVE-2026-8622). Risk of unauthorized operations or information disclosure.
CVE-2026-11997 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11997)
vulnerability in wordpress (CVE-2026-11997). Risk of unauthorized operations or information disclosure.
CVE-2026-12094 Vulnerability in wordpress (CVE-2026-12094)
vulnerability in wordpress (CVE-2026-12094). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_ajax_cf7cdb_delete``.
CVE-2026-12095 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-12095)
SSRF in wordpress (CVE-2026-12095). Risk of unauthorized operations or information disclosure.
CVE-2026-12100 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-12100)
SSRF in wordpress (CVE-2026-12100). Risk of unauthorized operations or information disclosure.
CVE-2026-12416 Vulnerability in wordpress (CVE-2026-12416)
vulnerability in wordpress (CVE-2026-12416). Successful exploitation can lead to full system takeover. Exploitable via ``reset_activation_code``.
CVE-2026-12417 Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
CVE-2026-11370 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11370)
SSRF in wordpress (CVE-2026-11370). Risk of unauthorized operations or information disclosure.
CVE-2026-10753 Vulnerability in wordpress (CVE-2026-10753)
vulnerability in wordpress (CVE-2026-10753). Risk of unauthorized operations or information disclosure.
CVE-2026-10091 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10091)
cross-site scripting in wordpress (CVE-2026-10091). Risk of unauthorized operations or information disclosure.
CVE-2026-10092 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10092)
cross-site scripting in wordpress (CVE-2026-10092). Risk of unauthorized operations or information disclosure.
CVE-2026-10531 Vulnerability in wordpress (CVE-2026-10531)
vulnerability in wordpress (CVE-2026-10531). Risk of unauthorized operations or information disclosure.
CVE-2026-10552 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-10552)
vulnerability in wordpress (CVE-2026-10552). Risk of unauthorized operations or information disclosure.
CVE-2026-10735 Vulnerability in wordpress (CVE-2026-10735)
vulnerability in wordpress (CVE-2026-10735). Confidential information can be exposed externally.
CVE-2026-10749 Vulnerability in wordpress (CVE-2026-10749)
vulnerability in wordpress (CVE-2026-10749). Successful exploitation can lead to full system takeover.
CVE-2026-3652 The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
CVE-2026-11614 Cross-Site Scripting (XSS) in wordpress (CVE-2026-11614)
cross-site scripting in wordpress (CVE-2026-11614). Risk of unauthorized operations or information disclosure.
CVE-2026-56301 Vulnerability in nuxt (CVE-2026-56301)
vulnerability in nuxt (CVE-2026-56301). Confidential information can be exposed externally.
CVE-2026-4610 Cross-Site Scripting (XSS) in wordpress (CVE-2026-4610)
cross-site scripting in wordpress (CVE-2026-4610). Risk of unauthorized operations or information disclosure.
CVE-2026-8172 Vulnerability in wordpress (CVE-2026-8172)
vulnerability in wordpress (CVE-2026-8172). Risk of unauthorized operations or information disclosure.
CVE-2026-8378 Vulnerability in wordpress (CVE-2026-8378)
vulnerability in wordpress (CVE-2026-8378). Risk of unauthorized operations or information disclosure.
CVE-2026-8379 Vulnerability in wordpress (CVE-2026-8379)
vulnerability in wordpress (CVE-2026-8379). Confidential information can be exposed externally.
CVE-2026-7842 Vulnerability in wordpress (CVE-2026-7842)
vulnerability in wordpress (CVE-2026-7842). Confidential information can be exposed externally.
CVE-2026-8163 Vulnerability in wordpress (CVE-2026-8163)
vulnerability in wordpress (CVE-2026-8163). Successful exploitation can lead to full system takeover.
CVE-2026-56697 Open Redirect in nuxt (CVE-2026-56697)
vulnerability in nuxt (CVE-2026-56697). Risk of unauthorized operations or information disclosure.
CVE-2026-56698 Cross-Site Scripting (XSS) in nuxt (CVE-2026-56698)
cross-site scripting in nuxt (CVE-2026-56698). Risk of unauthorized operations or information disclosure.
CVE-2026-48500 Vulnerability in filament/filament (CVE-2026-48500)
vulnerability in filament/filament (CVE-2026-48500). Risk of unauthorized operations or information disclosure. Exploitable via ``WithFileUploads``. Mitigation: upgrade to `3.3.52` or later.
CVE-2026-48505 Vulnerability in filament/filament (CVE-2026-48505)
vulnerability in filament/filament (CVE-2026-48505). Confidential information can be exposed externally. Mitigation: upgrade to `5.6.5` or later.
CVE-2026-48166 Vulnerability in filament/filament (CVE-2026-48166)
vulnerability in filament/filament (CVE-2026-48166). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.6.5` or later.
CVE-2026-48167 Cross-Site Scripting (XSS) in filament/infolists (CVE-2026-48167)
cross-site scripting in filament/infolists (CVE-2026-48167). Risk of unauthorized operations or information disclosure. Exploitable via ``ImageColumn``. Mitigation: upgrade to `5.6.5` or later.
CVE-2026-50178 Cross-Site Scripting (XSS) in angular (CVE-2026-50178)
cross-site scripting in angular (CVE-2026-50178). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `21.2.4` or later.
CVE-2026-49241 Cross-Site Scripting (XSS) in angular (CVE-2026-49241)
cross-site scripting in angular (CVE-2026-49241). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `21.2.4` or later.
CVE-2026-4259 Cross-Site Scripting (XSS) in wordpress (CVE-2026-4259)
cross-site scripting in wordpress (CVE-2026-4259). Risk of unauthorized operations or information disclosure.
CVE-2026-8157 Privilege Escalation in wordpress (CVE-2026-8157)
vulnerability in wordpress (CVE-2026-8157). Successful exploitation can lead to full system takeover.
CVE-2025-62198 Vulnerability in apache (CVE-2025-62198)
vulnerability in apache (CVE-2025-62198). Risk of unauthorized operations or information disclosure.
CVE-2026-54665 Vulnerability in apache (CVE-2026-54665)
vulnerability in apache (CVE-2026-54665). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
CVE-2026-7859 Vulnerability in wordpress (CVE-2026-7859)
vulnerability in wordpress (CVE-2026-7859). Risk of unauthorized operations or information disclosure.
CVE-2026-44911 Authorization Flaw in apache (CVE-2026-44911)
vulnerability in apache (CVE-2026-44911). Risk of unauthorized operations or information disclosure.
CVE-2026-44914 Vulnerability in apache (CVE-2026-44914)
vulnerability in apache (CVE-2026-44914). Successful exploitation can lead to full system takeover.
CVE-2026-6858 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6858)
cross-site scripting in wordpress (CVE-2026-6858). Risk of unauthorized operations or information disclosure.
CVE-2026-44913 Vulnerability in apache (CVE-2026-44913)
vulnerability in apache (CVE-2026-44913). Successful exploitation can lead to full system takeover.
CVE-2026-4110 Vulnerability in wordpress (CVE-2026-4110)
vulnerability in wordpress (CVE-2026-4110). Risk of unauthorized operations or information disclosure.
CVE-2026-10530 Vulnerability in wordpress (CVE-2026-10530)
vulnerability in wordpress (CVE-2026-10530). Risk of unauthorized operations or information disclosure.
CVE-2025-66336 SQL Injection in apache (CVE-2025-66336)
SQL injection in apache (CVE-2025-66336). Confidential information can be exposed externally.
CVE-2026-56317 Cross-Site Scripting (XSS) in nuxt (CVE-2026-56317)
cross-site scripting in nuxt (CVE-2026-56317). Risk of unauthorized operations or information disclosure.
CVE-2020-37255 Vulnerability in wordpress (CVE-2020-37255)
vulnerability in wordpress (CVE-2020-37255). Confidential information can be exposed externally.
CVE-2019-25763 Vulnerability in wordpress (CVE-2019-25763)
vulnerability in wordpress (CVE-2019-25763). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →