Vulnérabilités

Aggrégat CVE / GHSA / KEV / OSV — filtrage par étiquette et catégorie.

ID Titre
CVE-2026-40765 Unauthenticated Cross Site Scripting (XSS) in collectchat <= 2.4.9 versions.
Unauthenticated Cross Site Scripting (XSS) in collectchat <= 2.4.9 versions.
CVE-2026-40768 Vulnérabilité dans CVE-2026-40768 (CVE-2026-40768)
vulnérabilité dans CVE-2026-40768 (CVE-2026-40768). Risque d'opérations non autorisées ou de divulgation.
CVE-2026-40755 Unauthenticated PHP Object Injection in TechLink <= 1.3 versions.
Unauthenticated PHP Object Injection in TechLink <= 1.3 versions.
CVE-2026-40749 Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions.
Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions.
CVE-2026-40736 Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions.
Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions.
CVE-2026-40739 Unauthenticated PHP Object Injection in LuxeDrive <= 1.4 versions.
Unauthenticated PHP Object Injection in LuxeDrive <= 1.4 versions.
CVE-2026-40758 Unauthenticated PHP Object Injection in Léonie <= 1.2.1 versions.
Unauthenticated PHP Object Injection in Léonie <= 1.2.1 versions.
CVE-2026-41557 Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions.
Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions.
CVE-2026-40759 Unauthenticated PHP Object Injection in Esmée <= 1.4 versions.
Unauthenticated PHP Object Injection in Esmée <= 1.4 versions.
CVE-2026-40735 Unauthenticated PHP Object Injection in Reina <= 2.1 versions.
Unauthenticated PHP Object Injection in Reina <= 2.1 versions.
CVE-2026-40754 Unauthenticated PHP Object Injection in Roisin <= 1.4 versions.
Unauthenticated PHP Object Injection in Roisin <= 1.4 versions.
CVE-2026-40748 Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4 versions.
Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4 versions.
CVE-2026-40751 Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions.
Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions.
CVE-2026-40753 Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions.
Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions.
CVE-2026-39596 Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.
Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.
CVE-2026-40723 Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions.
Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions.
CVE-2026-39589 Subscriber Arbitrary File Upload in Webenvo <= 0.0.6 versions.
Subscriber Arbitrary File Upload in Webenvo <= 0.0.6 versions.
CVE-2026-39580 Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions.
Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions.
CVE-2026-39577 Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
CVE-2026-39568 Unauthenticated Local File Inclusion in Mr. SEO <= 2.0 versions.
Unauthenticated Local File Inclusion in Mr. SEO <= 2.0 versions.
CVE-2026-40722 Vulnérabilité dans CVE-2026-40722 (CVE-2026-40722)
vulnérabilité dans CVE-2026-40722 (CVE-2026-40722). Risque d'opérations non autorisées ou de divulgation.
CVE-2026-39557 Unauthenticated PHP Object Injection in NeoBeat <= 1.7 versions.
Unauthenticated PHP Object Injection in NeoBeat <= 1.7 versions.
CVE-2026-39558 Unauthenticated Local File Inclusion in Malmö <= 2.2 versions.
Unauthenticated Local File Inclusion in Malmö <= 2.2 versions.
CVE-2026-39597 Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
CVE-2026-39537 Unauthenticated Local File Inclusion in Mikado Core <= 1.6 versions.
Unauthenticated Local File Inclusion in Mikado Core <= 1.6 versions.
CVE-2026-39582 Unauthenticated Local File Inclusion in Hitek < 1.8.3 versions.
Unauthenticated Local File Inclusion in Hitek < 1.8.3 versions.
CVE-2026-39529 Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions.
Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions.
CVE-2026-39598 Téléversement de fichier dangereux dans CVE-2026-39598 (CVE-2026-39598)
vulnérabilité dans CVE-2026-39598 (CVE-2026-39598). L'exploitation peut entraîner la prise de contrôle totale du système.
CVE-2026-39573 Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions.
Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions.
CVE-2026-39548 Unauthenticated Cross Site Scripting (XSS) in MagOne <= 9.0 versions.
Unauthenticated Cross Site Scripting (XSS) in MagOne <= 9.0 versions.
CVE-2026-39554 Unauthenticated PHP Object Injection in Fidalgo <= 1.2.2 versions.
Unauthenticated PHP Object Injection in Fidalgo <= 1.2.2 versions.
CVE-2026-39549 Unauthenticated Local File Inclusion in Aperitif <= 1.5 versions.
Unauthenticated Local File Inclusion in Aperitif <= 1.5 versions.
CVE-2026-39578 Unauthenticated PHP Object Injection in Valiance <= 1.2 versions.
Unauthenticated PHP Object Injection in Valiance <= 1.2 versions.
CVE-2026-39567 Unauthenticated PHP Object Injection in Santé <= 1.5.1 versions.
Unauthenticated PHP Object Injection in Santé <= 1.5.1 versions.
CVE-2026-40721 Contributor Local File Inclusion in Element Pack Pro <= 9.0.6 versions.
Contributor Local File Inclusion in Element Pack Pro <= 9.0.6 versions.
CVE-2026-39595 Author Broken Access Control in W3 Total Cache <= 2.9.1 versions.
Author Broken Access Control in W3 Total Cache <= 2.9.1 versions.
CVE-2026-39547 Unauthenticated Local File Inclusion in Getaway < 1.8 versions.
Unauthenticated Local File Inclusion in Getaway < 1.8 versions.
CVE-2026-39546 Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
CVE-2026-39539 Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions.
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions.
CVE-2026-39545 Unauthenticated PHP Object Injection in Zermatt <= 1.6.1 versions.
Unauthenticated PHP Object Injection in Zermatt <= 1.6.1 versions.
CVE-2026-28576 Injection SQL dans sqli (CVE-2026-28576)
injection SQL dans sqli (CVE-2026-28576). Des informations confidentielles peuvent être exposées.
CVE-2026-39446 Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.
Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.
CVE-2026-2604 Vulnérabilité dans path-traversal (CVE-2026-2604)
vulnérabilité dans path-traversal (CVE-2026-2604). Les données peuvent être altérées par des attaquants.
CVE-2026-39433 Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions.
Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions.
CVE-2026-28615 Vulnérabilité dans google (CVE-2026-28615)
vulnérabilité dans google (CVE-2026-28615). L'exploitation peut entraîner la prise de contrôle totale du système.
CVE-2026-34894 Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions.
Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions.
CVE-2026-39522 Unauthenticated Local File Inclusion in Solene <= 3.4 versions.
Unauthenticated Local File Inclusion in Solene <= 3.4 versions.
CVE-2026-34888 Unauthenticated Sensitive Data Exposure in Bricksforge <= 3.1.8.4 versions.
Unauthenticated Sensitive Data Exposure in Bricksforge <= 3.1.8.4 versions.
CVE-2026-34893 Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions.
Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions.
CVE-2026-39443 Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.
Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.

🍪 À propos des cookies

Nous utilisons des cookies pour conserver votre session, mémoriser la langue et améliorer le service.

En savoir plus →