Busca de CVEs

364.931 resultados
CVE-2026-9616MEDIUMGenerate Security.txt <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Security.txt Deletion via delete_securitytxt AJAX ActionEPSS 0.2%CVE-2026-8617MEDIUMSearchPlus <= 1.7.1 - Missing Authorization to Unauthenticated Settings Modification and Deletion via searchplus_save_token & searchplus_reset_token AJAX ActionsEPSS 0.2%CVE-2026-9184MEDIUM24liveblog <= 2.2 - Missing Authorization to Authenticated (Author+) Settings Modification via update_lb24_token AJAX actionEPSS 0.2%CVE-2026-8705HIGHClearSale Total <= 3.4.2 - Unauthenticated SQL InjectionEPSS 0.5%CVE-2026-8628MEDIUMEntreDroppers <= 1.1.2 - Reflected Cross-Site Scripting via PHP_SELF ParameterEPSS 0.2%CVE-2026-12095HIGHKargo Takip <= 1.2 - Unauthenticated Server-Side Request Forgery via 'api_url' ParameterEPSS 0.3%CVE-2026-10552MEDIUMBlue Captcha <= 2.0.1 - Cross-Site Request Forgery via 'blcap_action' ParameterEPSS 0.1%CVE-2026-8614MEDIUMAssistio <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Deletion via assistio_plugin_delete_assistio_settings AJAX ActionEPSS 0.2%CVE-2026-7617MEDIUMSecufor_OAuth <= 1.0.7 - Missing Authorization to Unauthenticated Account Logout via 'secuforoauth_unregister_action' AJAX ActionEPSS 0.3%CVE-2026-9619MEDIUMReviews and Rating <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via sync_reviews AJAX ActionEPSS 0.3%CVE-2026-9724MEDIUMMotorDesk <= 1.1.2 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-4297HIGHWelcome Software Publishing <= 0.0.31 - Authenticated (Subscriber+) Arbitrary Options Update to Privilege Escalation via 'nc.setOption' XML-RPC MethodEPSS 0.5%CVE-2026-12094MEDIUMAdvanced Contact Form 7 <= 1.0.0 - Missing Authorization to Unauthenticated Arbitrary Contact Form Submission Deletion via 'form_id' ParameterEPSS 0.3%CVE-2026-10092HIGHCincopa video and media plug-in <= 1.163 - Unauthenticated Stored Cross-Site Scripting via cincopa Shortcode in Post CommentsEPSS 0.3%CVE-2026-9179HIGHWP Forms Connector <= 1.8 - Unauthenticated SQL Injection via 'order' ParameterEPSS 0.4%CVE-2026-11370MEDIUMWP Meta SEO <= 4.5.18 - Authenticated (Contributor+) Server-Side Request Forgery via 'new_link' ParameterEPSS 0.2%CVE-2026-9175MEDIUMDevs Accounting <= 1.2.0 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'id' ParameterEPSS 0.3%CVE-2026-9721MEDIUMBook a Room Event Calendar <= 1.9 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-10091HIGHEmail JavaScript Cloak <= 1.03 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-12100HIGHURL Preview <= 1.0 - Unauthenticated Server-Side Request Forgery via 'url' ParameterEPSS 0.3%