|
CVE-2026-40736
|
|
Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions.
Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-40739
|
|
Unauthenticated PHP Object Injection in LuxeDrive <= 1.4 versions.
Unauthenticated PHP Object Injection in LuxeDrive <= 1.4 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-40758
|
|
Unauthenticated PHP Object Injection in Léonie <= 1.2.1 versions.
Unauthenticated PHP Object Injection in Léonie <= 1.2.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-41557
|
|
Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions.
Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions.
|
High
|
Cross-Site Scripting
Cwe 79
|
il y a 3 semaines
|
|
CVE-2026-40759
|
|
Unauthenticated PHP Object Injection in Esmée <= 1.4 versions.
Unauthenticated PHP Object Injection in Esmée <= 1.4 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-40735
|
|
Unauthenticated PHP Object Injection in Reina <= 2.1 versions.
Unauthenticated PHP Object Injection in Reina <= 2.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-40754
|
|
Unauthenticated PHP Object Injection in Roisin <= 1.4 versions.
Unauthenticated PHP Object Injection in Roisin <= 1.4 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-40751
|
|
Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions.
Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-40753
|
|
Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions.
Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-39580
|
|
Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions.
Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-39568
|
|
Unauthenticated Local File Inclusion in Mr. SEO <= 2.0 versions.
Unauthenticated Local File Inclusion in Mr. SEO <= 2.0 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-39557
|
|
Unauthenticated PHP Object Injection in NeoBeat <= 1.7 versions.
Unauthenticated PHP Object Injection in NeoBeat <= 1.7 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-39558
|
|
Unauthenticated Local File Inclusion in Malmö <= 2.2 versions.
Unauthenticated Local File Inclusion in Malmö <= 2.2 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-39597
|
|
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
|
High
|
Cross-Site Scripting
Cwe 79
|
il y a 3 semaines
|
|
CVE-2026-39537
|
|
Unauthenticated Local File Inclusion in Mikado Core <= 1.6 versions.
Unauthenticated Local File Inclusion in Mikado Core <= 1.6 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-39582
|
|
Unauthenticated Local File Inclusion in Hitek < 1.8.3 versions.
Unauthenticated Local File Inclusion in Hitek < 1.8.3 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-39598
|
|
Téléversement de fichier dangereux dans CVE-2026-39598 (CVE-2026-39598)
vulnérabilité dans CVE-2026-39598 (CVE-2026-39598). L'exploitation peut entraîner la prise de contrôle totale du système.
|
High
|
Cwe 434
|
il y a 3 semaines
|
|
CVE-2026-39573
|
|
Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions.
Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-39548
|
|
Unauthenticated Cross Site Scripting (XSS) in MagOne <= 9.0 versions.
Unauthenticated Cross Site Scripting (XSS) in MagOne <= 9.0 versions.
|
High
|
Cross-Site Scripting
Cwe 79
|
il y a 3 semaines
|
|
CVE-2026-39554
|
|
Unauthenticated PHP Object Injection in Fidalgo <= 1.2.2 versions.
Unauthenticated PHP Object Injection in Fidalgo <= 1.2.2 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-39549
|
|
Unauthenticated Local File Inclusion in Aperitif <= 1.5 versions.
Unauthenticated Local File Inclusion in Aperitif <= 1.5 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-39567
|
|
Unauthenticated PHP Object Injection in Santé <= 1.5.1 versions.
Unauthenticated PHP Object Injection in Santé <= 1.5.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-40721
|
|
Contributor Local File Inclusion in Element Pack Pro <= 9.0.6 versions.
Contributor Local File Inclusion in Element Pack Pro <= 9.0.6 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-39547
|
|
Unauthenticated Local File Inclusion in Getaway < 1.8 versions.
Unauthenticated Local File Inclusion in Getaway < 1.8 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-39546
|
|
Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
|
High
|
Privilege Escalation
Cwe 266
|
il y a 3 semaines
|
|
CVE-2026-39539
|
|
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions.
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-39545
|
|
Unauthenticated PHP Object Injection in Zermatt <= 1.6.1 versions.
Unauthenticated PHP Object Injection in Zermatt <= 1.6.1 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-39446
|
|
Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.
Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-28615
|
|
Vulnérabilité dans google (CVE-2026-28615)
vulnérabilité dans google (CVE-2026-28615). L'exploitation peut entraîner la prise de contrôle totale du système.
|
High
|
Cwe 862
Google
Android
|
il y a 3 semaines
|
|
CVE-2026-34894
|
|
Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions.
Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-39522
|
|
Unauthenticated Local File Inclusion in Solene <= 3.4 versions.
Unauthenticated Local File Inclusion in Solene <= 3.4 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-34888
|
|
Unauthenticated Sensitive Data Exposure in Bricksforge <= 3.1.8.4 versions.
Unauthenticated Sensitive Data Exposure in Bricksforge <= 3.1.8.4 versions.
|
High
|
Cwe 201
|
il y a 3 semaines
|
|
CVE-2026-34893
|
|
Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions.
Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-39443
|
|
Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.
Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.
|
High
|
PHP
Cwe 502
|
il y a 3 semaines
|
|
CVE-2026-34895
|
|
Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions.
Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-25439
|
|
Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions.
Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions.
|
High
|
Cwe 288
|
il y a 3 semaines
|
|
CVE-2026-27400
|
|
Unauthenticated Arbitrary File Deletion in BookPro <= 1.1.0 versions.
Unauthenticated Arbitrary File Deletion in BookPro <= 1.1.0 versions.
|
High
|
Cwe 22
|
il y a 3 semaines
|
|
CVE-2026-22326
|
|
Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions.
Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-22330
|
|
Unauthenticated Local File Inclusion in Right Way <= 4.0 versions.
Unauthenticated Local File Inclusion in Right Way <= 4.0 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-22331
|
|
Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions.
Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-22329
|
|
Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.
Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.
|
High
|
Cross-Site Scripting
Cwe 79
|
il y a 3 semaines
|
|
CVE-2026-22342
|
|
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
|
High
|
WordPress
Cross-Site Request Forgery
Cwe 352
|
il y a 3 semaines
|
|
CVE-2026-22343
|
|
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
|
High
|
WordPress
Cwe 862
|
il y a 3 semaines
|
|
CVE-2026-22338
|
|
Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions.
Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-22335
|
|
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
|
High
|
SQL Injection
Cwe 89
|
il y a 3 semaines
|
|
CVE-2026-22334
|
|
Subscriber Arbitrary File Download in Woocommerce Book Price <= 1.3 versions.
Subscriber Arbitrary File Download in Woocommerce Book Price <= 1.3 versions.
|
High
|
Cwe 22
|
il y a 3 semaines
|
|
CVE-2026-12466
|
|
Vulnérabilité dans google (CVE-2026-12466)
vulnérabilité dans google (CVE-2026-12466). L'exploitation peut entraîner la prise de contrôle totale du système.
|
High
|
Cwe 122
Google
Chrome
Microsoft
+1
|
il y a 3 semaines
|
|
CVE-2026-12468
|
|
Vulnérabilité dans google (CVE-2026-12468)
vulnérabilité dans google (CVE-2026-12468). L'exploitation peut entraîner la prise de contrôle totale du système.
|
High
|
Cwe 362
Google
Chrome
Apple
+1
|
il y a 3 semaines
|
|
CVE-2026-22325
|
|
Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions.
Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions.
|
High
|
Cwe 98
|
il y a 3 semaines
|
|
CVE-2026-12467
|
|
Use-After-Free dans Google chrome (CVE-2026-12467)
vulnérabilité dans Google chrome (CVE-2026-12467). L'exploitation peut entraîner la prise de contrôle totale du système.
|
High
|
Cwe 416
Google
Chrome
Apple
+7
|
il y a 3 semaines
|