脆弱性一覧

CVE / GHSA / KEV / OSV を統合監視。タグ・カテゴリで絞り込み可能。

ID タイトル
CVE-2026-49063 Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions.
Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions.
CVE-2026-49056 CVE-2026-49056 の脆弱性 (CVE-2026-49056)
CVE-2026-49056 に 脆弱性 (CVE-2026-49056) が存在。機密情報が外部に流出する可能性があります。
CVE-2026-48970 Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions.
Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions.
CVE-2026-49085 CVE-2026-49085 に 安全でないデシリアライゼーション (CVE-2026-49085)
CVE-2026-49085 に 脆弱性 (CVE-2026-49085) が存在。悪用されるとシステム全体を乗っ取られる可能性があります。
CVE-2026-48965 Subscriber Sensitive Data Exposure in XCloner <= 4.8.6 versions.
Subscriber Sensitive Data Exposure in XCloner <= 4.8.6 versions.
CVE-2026-49066 Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions.
Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions.
CVE-2026-49043 Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions.
CVE-2026-49078 Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions.
Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions.
CVE-2026-48964 Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.6 versions.
Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.6 versions.
CVE-2026-48889 Subscriber Privilege Escalation in Amelia <= 2.3 versions.
Subscriber Privilege Escalation in Amelia <= 2.3 versions.
CVE-2026-48966 Unauthenticated Cross Site Scripting (XSS) in Funnel Builder by FunnelKit <= 3.15.0.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Funnel Builder by FunnelKit <= 3.15.0.2 versions.
CVE-2026-49109 CVE-2026-49109 に 安全でないデシリアライゼーション (CVE-2026-49109)
CVE-2026-49109 に 脆弱性 (CVE-2026-49109) が存在。悪用されるとシステム全体を乗っ取られる可能性があります。
CVE-2026-49065 Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce <= 1.9.5 versions.
Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce <= 1.9.5 versions.
CVE-2026-49061 Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce <= 3.2.1 versions.
Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce <= 3.2.1 versions.
CVE-2026-48880 Subscriber Cross Site Scripting (XSS) in WP Job Portal <= 2.5.2 versions.
Subscriber Cross Site Scripting (XSS) in WP Job Portal <= 2.5.2 versions.
CVE-2026-48881 Unauthenticated Broken Access Control in TrueBooker <= 1.1.9 versions.
Unauthenticated Broken Access Control in TrueBooker <= 1.1.9 versions.
CVE-2026-48885 Unauthenticated Cross Site Scripting (XSS) in HollerBox <= 2.3.10.1 versions.
Unauthenticated Cross Site Scripting (XSS) in HollerBox <= 2.3.10.1 versions.
CVE-2026-48871 Unauthenticated Cross Site Scripting (XSS) in MW WP Form <= 5.1.3 versions.
Unauthenticated Cross Site Scripting (XSS) in MW WP Form <= 5.1.3 versions.
CVE-2026-48873 Unauthenticated Broken Access Control in Montonio for WooCommerce <= 10.1.2 versions.
Unauthenticated Broken Access Control in Montonio for WooCommerce <= 10.1.2 versions.
CVE-2026-48887 Unauthenticated Broken Access Control in JS Help Desk <= 3.0.9 versions.
Unauthenticated Broken Access Control in JS Help Desk <= 3.0.9 versions.
CVE-2026-48835 Unauthenticated Broken Access Control in Contact Form by WPForms <= 1.10.0.4 versions.
Unauthenticated Broken Access Control in Contact Form by WPForms <= 1.10.0.4 versions.
CVE-2026-45439 Unauthenticated SQL Injection in Realtyna Organic IDX plugin <= 5.1.0 versions.
Unauthenticated SQL Injection in Realtyna Organic IDX plugin <= 5.1.0 versions.
CVE-2026-48886 Unauthenticated SQL Injection in JS Help Desk <= 3.0.9 versions.
Unauthenticated SQL Injection in JS Help Desk <= 3.0.9 versions.
CVE-2026-48872 Unauthenticated Sensitive Data Exposure in EmbedPress <= 4.5.2 versions.
Unauthenticated Sensitive Data Exposure in EmbedPress <= 4.5.2 versions.
CVE-2026-48883 Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce <= 8.5.3 versions.
Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce <= 8.5.3 versions.
CVE-2026-48836 Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions.
Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions.
CVE-2026-48874 Subscriber SQL Injection in GamiPress <= 7.8.7 versions.
Subscriber SQL Injection in GamiPress <= 7.8.7 versions.
CVE-2026-48838 Unauthenticated Cross Site Scripting (XSS) in Post SMTP <= 3.6.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Post SMTP <= 3.6.2 versions.
CVE-2026-48876 Unauthenticated Cross Site Scripting (XSS) in Stop Spammers <= 2026.3 versions.
Unauthenticated Cross Site Scripting (XSS) in Stop Spammers <= 2026.3 versions.
CVE-2026-48882 Subscriber SQL Injection in WP Time Slots Booking Form <= 1.2.50 versions.
Subscriber SQL Injection in WP Time Slots Booking Form <= 1.2.50 versions.
CVE-2026-48868 Unauthenticated Insecure Direct Object References (IDOR) in Simple Shopping Cart <= 5.2.9 versions.
Unauthenticated Insecure Direct Object References (IDOR) in Simple Shopping Cart <= 5.2.9 versions.
CVE-2026-48867 Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.1.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.1.2 versions.
CVE-2026-48870 Subscriber Cross Site Scripting (XSS) in King Addons for Elementor <= 51.1.62 versions.
Subscriber Cross Site Scripting (XSS) in King Addons for Elementor <= 51.1.62 versions.
CVE-2026-48878 Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.4.1 versions.
Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.4.1 versions.
CVE-2026-42662 Unauthenticated Bypass Vulnerability in Event Tickets <= 5.27.5 versions.
Unauthenticated Bypass Vulnerability in Event Tickets <= 5.27.5 versions.
CVE-2026-42651 Subscriber Broken Access Control in Classified Listing <= 5.3.9 versions.
Subscriber Broken Access Control in Classified Listing <= 5.3.9 versions.
CVE-2026-42660 Subscriber Sensitive Data Exposure in Contest Gallery <= 28.1.7 versions.
Subscriber Sensitive Data Exposure in Contest Gallery <= 28.1.7 versions.
CVE-2026-42665 Unauthenticated SQL Injection in WP Data Access <= 5.5.70 versions.
Unauthenticated SQL Injection in WP Data Access <= 5.5.70 versions.
CVE-2026-42687 Unauthenticated PHP Object Injection in EventPrime <= 4.3.2.1 versions.
Unauthenticated PHP Object Injection in EventPrime <= 4.3.2.1 versions.
CVE-2026-42655 Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP <= 4.6.19 versions.
Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP <= 4.6.19 versions.
CVE-2026-45441 Unauthenticated Other Vulnerability Type in WpEvently <= 5.3.3 versions.
Unauthenticated Other Vulnerability Type in WpEvently <= 5.3.3 versions.
CVE-2026-45437 CVE-2026-45437 に クロスサイトスクリプティング (CVE-2026-45437)
CVE-2026-45437 に XSS (クロスサイトスクリプティング) (CVE-2026-45437) が存在。不正な操作・情報露出のリスクがあります。
CVE-2026-42688 Subscriber Cross Site Scripting (XSS) in Modula Image Gallery <= 2.14.23 versions.
Subscriber Cross Site Scripting (XSS) in Modula Image Gallery <= 2.14.23 versions.
CVE-2026-42666 Unauthenticated Broken Access Control in Salon booking system <= 10.30.25 versions.
Unauthenticated Broken Access Control in Salon booking system <= 10.30.25 versions.
CVE-2026-42668 CVE-2026-42668 の脆弱性 (CVE-2026-42668)
CVE-2026-42668 に 脆弱性 (CVE-2026-42668) が存在。機密情報が外部に流出する可能性があります。
CVE-2026-47825 CVE-2026-47825 の脆弱性 (CVE-2026-47825)
CVE-2026-47825 に 脆弱性 (CVE-2026-47825) が存在。データの不正な改ざんを許す可能性があります。
CVE-2026-42667 Unauthenticated Sensitive Data Exposure in Bookly <= 27.4 versions.
Unauthenticated Sensitive Data Exposure in Bookly <= 27.4 versions.
CVE-2026-42775 Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.7.2 versions.
Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.7.2 versions.
CVE-2026-42743 Unauthenticated Broken Authentication in Masteriyo - LMS <= 2.1.8 versions.
Unauthenticated Broken Authentication in Masteriyo - LMS <= 2.1.8 versions.
CVE-2026-42664 CVE-2026-42664 の脆弱性 (CVE-2026-42664)
CVE-2026-42664 に 脆弱性 (CVE-2026-42664) が存在。不正な操作・情報露出のリスクがあります。

🍪 Cookie について

当サイトはログイン状態の保持・言語設定・サービス改善のために Cookie を使用します。詳細は下記リンクをご確認ください。

詳細 →