Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-7617 |
|
Vulnerability in wordpress (CVE-2026-7617)
vulnerability in wordpress (CVE-2026-7617). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8614 |
|
Vulnerability in wordpress (CVE-2026-8614)
vulnerability in wordpress (CVE-2026-8614). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8617 |
|
Vulnerability in wordpress (CVE-2026-8617)
vulnerability in wordpress (CVE-2026-8617). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8622 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8622)
cross-site scripting in wordpress (CVE-2026-8622). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11997 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11997)
vulnerability in wordpress (CVE-2026-11997). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12094 |
|
Vulnerability in wordpress (CVE-2026-12094)
vulnerability in wordpress (CVE-2026-12094). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_ajax_cf7cdb_delete``.
|
| CVE-2026-12095 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-12095)
SSRF in wordpress (CVE-2026-12095). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12100 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-12100)
SSRF in wordpress (CVE-2026-12100). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12416 |
|
Vulnerability in wordpress (CVE-2026-12416)
vulnerability in wordpress (CVE-2026-12416). Successful exploitation can lead to full system takeover. Exploitable via ``reset_activation_code``.
|
| CVE-2026-12417 |
|
Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
|
| CVE-2026-11370 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11370)
SSRF in wordpress (CVE-2026-11370). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10753 |
|
Vulnerability in wordpress (CVE-2026-10753)
vulnerability in wordpress (CVE-2026-10753). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10091 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10091)
cross-site scripting in wordpress (CVE-2026-10091). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10092 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10092)
cross-site scripting in wordpress (CVE-2026-10092). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10531 |
|
Vulnerability in wordpress (CVE-2026-10531)
vulnerability in wordpress (CVE-2026-10531). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10552 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-10552)
vulnerability in wordpress (CVE-2026-10552). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10735 |
|
Vulnerability in wordpress (CVE-2026-10735)
vulnerability in wordpress (CVE-2026-10735). Confidential information can be exposed externally.
|
| CVE-2026-10749 |
|
Vulnerability in wordpress (CVE-2026-10749)
vulnerability in wordpress (CVE-2026-10749). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3652 |
|
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
|
| CVE-2026-11614 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11614)
cross-site scripting in wordpress (CVE-2026-11614). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56301 |
|
Vulnerability in nuxt (CVE-2026-56301)
vulnerability in nuxt (CVE-2026-56301). Confidential information can be exposed externally.
|
| CVE-2026-4610 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-4610)
cross-site scripting in wordpress (CVE-2026-4610). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8172 |
|
Vulnerability in wordpress (CVE-2026-8172)
vulnerability in wordpress (CVE-2026-8172). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8378 |
|
Vulnerability in wordpress (CVE-2026-8378)
vulnerability in wordpress (CVE-2026-8378). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8379 |
|
Vulnerability in wordpress (CVE-2026-8379)
vulnerability in wordpress (CVE-2026-8379). Confidential information can be exposed externally.
|
| CVE-2026-7842 |
|
Vulnerability in wordpress (CVE-2026-7842)
vulnerability in wordpress (CVE-2026-7842). Confidential information can be exposed externally.
|
| CVE-2026-8163 |
|
Vulnerability in wordpress (CVE-2026-8163)
vulnerability in wordpress (CVE-2026-8163). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56697 |
|
Open Redirect in nuxt (CVE-2026-56697)
vulnerability in nuxt (CVE-2026-56697). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56698 |
|
Cross-Site Scripting (XSS) in nuxt (CVE-2026-56698)
cross-site scripting in nuxt (CVE-2026-56698). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48500 |
|
Vulnerability in filament/filament (CVE-2026-48500)
vulnerability in filament/filament (CVE-2026-48500). Risk of unauthorized operations or information disclosure. Exploitable via ``WithFileUploads``. Mitigation: upgrade to `3.3.52` or later.
|
| CVE-2026-48505 |
|
Vulnerability in filament/filament (CVE-2026-48505)
vulnerability in filament/filament (CVE-2026-48505). Confidential information can be exposed externally. Mitigation: upgrade to `5.6.5` or later.
|
| CVE-2026-48166 |
|
Vulnerability in filament/filament (CVE-2026-48166)
vulnerability in filament/filament (CVE-2026-48166). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.6.5` or later.
|
| CVE-2026-48167 |
|
Cross-Site Scripting (XSS) in filament/infolists (CVE-2026-48167)
cross-site scripting in filament/infolists (CVE-2026-48167). Risk of unauthorized operations or information disclosure. Exploitable via ``ImageColumn``. Mitigation: upgrade to `5.6.5` or later.
|
| CVE-2026-50178 |
|
Cross-Site Scripting (XSS) in angular (CVE-2026-50178)
cross-site scripting in angular (CVE-2026-50178). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `21.2.4` or later.
|
| CVE-2026-49241 |
|
Cross-Site Scripting (XSS) in angular (CVE-2026-49241)
cross-site scripting in angular (CVE-2026-49241). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `21.2.4` or later.
|
| CVE-2026-4259 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-4259)
cross-site scripting in wordpress (CVE-2026-4259). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8157 |
|
Privilege Escalation in wordpress (CVE-2026-8157)
vulnerability in wordpress (CVE-2026-8157). Successful exploitation can lead to full system takeover.
|
| CVE-2025-62198 |
|
Vulnerability in apache (CVE-2025-62198)
vulnerability in apache (CVE-2025-62198). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54665 |
|
Vulnerability in apache (CVE-2026-54665)
vulnerability in apache (CVE-2026-54665). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2026-7859 |
|
Vulnerability in wordpress (CVE-2026-7859)
vulnerability in wordpress (CVE-2026-7859). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44911 |
|
Authorization Flaw in apache (CVE-2026-44911)
vulnerability in apache (CVE-2026-44911). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44914 |
|
Vulnerability in apache (CVE-2026-44914)
vulnerability in apache (CVE-2026-44914). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6858 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6858)
cross-site scripting in wordpress (CVE-2026-6858). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44913 |
|
Vulnerability in apache (CVE-2026-44913)
vulnerability in apache (CVE-2026-44913). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4110 |
|
Vulnerability in wordpress (CVE-2026-4110)
vulnerability in wordpress (CVE-2026-4110). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10530 |
|
Vulnerability in wordpress (CVE-2026-10530)
vulnerability in wordpress (CVE-2026-10530). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-66336 |
|
SQL Injection in apache (CVE-2025-66336)
SQL injection in apache (CVE-2025-66336). Confidential information can be exposed externally.
|
| CVE-2026-56317 |
|
Cross-Site Scripting (XSS) in nuxt (CVE-2026-56317)
cross-site scripting in nuxt (CVE-2026-56317). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-37255 |
|
Vulnerability in wordpress (CVE-2020-37255)
vulnerability in wordpress (CVE-2020-37255). Confidential information can be exposed externally.
|
| CVE-2019-25763 |
|
Vulnerability in wordpress (CVE-2019-25763)
vulnerability in wordpress (CVE-2019-25763). Successful exploitation can lead to full system takeover.
|