Export limit exceeded: 335106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10419 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10419 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-1905 | 2 Devmw, Wordpress | 2 Sphere Manager, Wordpress | 2026-02-18 | 6.4 Medium |
| The Sphere Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'width' parameter in the 'show_sphere_image' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-1910 | 2 Upmenu, Wordpress | 2 Upmenu – Online Ordering For Restaurants, Wordpress | 2026-02-18 | 6.4 Medium |
| The UpMenu – Online ordering for restaurants plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'lang' attribute of the 'upmenu-menu' shortcode in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-1987 | 2 Morelmathieuj, Wordpress | 2 Scheduler Widget, Wordpress | 2026-02-18 | 5.4 Medium |
| The Scheduler Widget plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 0.1.6. This is due to the `scheduler_widget_ajax_save_event()` function lacking proper authorization checks and ownership verification when updating events. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify any event in the scheduler via the `id` parameter granted they have knowledge of the event ID. | ||||
| CVE-2026-1988 | 2 Wordpress, Wpdecent | 2 Wordpress, Flexi Product Slider And Grid For Woocommerce | 2026-02-18 | 7.5 High |
| The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the `flexipsg_carousel` shortcode. This is due to the `theme` parameter being directly concatenated into a file path without proper sanitization or validation, allowing directory traversal. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary PHP files on the server via the `theme` parameter granted they can create posts with shortcodes. | ||||
| CVE-2026-2022 | 2 Edgarrojas, Wordpress | 2 Smart Forms – When You Need More Than Just A Contact Form, Wordpress | 2026-02-18 | 4.3 Medium |
| The Smart Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'rednao_smart_forms_get_campaigns' AJAX action in all versions up to, and including, 2.6.99. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve donation campaign data including campaign IDs and names. | ||||
| CVE-2026-2027 | 2 Ampenhancer, Wordpress | 2 Amp Enhancer – Compatibility Layer For Official Amp Plugin, Wordpress | 2026-02-18 | 4.4 Medium |
| The AMP Enhancer – Compatibility Layer for Official AMP Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AMP Custom CSS setting in all versions up to, and including, 1.0.49 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | ||||
| CVE-2026-2144 | 2 Katsushi-kawamori, Wordpress | 2 Magic Login Mail Or Qr Code, Wordpress | 2026-02-18 | 8.1 High |
| The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.05. This is due to the plugin storing the magic login QR code image with a predictable, static filename (QR_Code.png) in the publicly accessible WordPress uploads directory during the email sending process. The file is only deleted after wp_mail() completes, creating an exploitable race condition window. This makes it possible for unauthenticated attackers to trigger a login link request for any user, including administrators, and then exploit the race condition between QR code file creation and deletion to obtain the login URL encoded in the QR code, thereby gaining unauthorized access to the targeted user's account. | ||||
| CVE-2026-2312 | 2 Maxfoundry, Wordpress | 2 Media Library Folders, Wordpress | 2026-02-18 | 4.3 Medium |
| The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the delete_maxgalleria_media() and maxgalleria_rename_image() functions due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to delete or rename attachments owned by other users (including administrators). The rename flow also deletes all postmeta for the target attachment, causing data loss. | ||||
| CVE-2026-0829 | 2 Frontend File Manager Plugin, Wordpress | 2 Frontend File Manager Plugin, Wordpress | 2026-02-18 | 5.8 Medium |
| The Frontend File Manager Plugin WordPress plugin through 23.5 allows unauthenticated users to send emails through the site without any security checks. This lets attackers use the WordPress site as an open relay for spam or phishing emails to anyone. Attackers can also guess file IDs to access and share uploaded files without permission, exposing sensitive information. | ||||
| CVE-2022-41650 | 2 Paul, Wordpress | 2 Custom Content By Country (by Shield Security), Wordpress | 2026-02-18 | 6.5 Medium |
| Missing Authorization vulnerability in Paul Custom Content by Country (by Shield Security) custom-content-by-country.This issue affects Custom Content by Country (by Shield Security): from n/a through 3.1.2. | ||||
| CVE-2024-31118 | 2 Smartypantsplugins, Wordpress | 2 Sp Project & Document Manager, Wordpress | 2026-02-18 | 6.5 Medium |
| Missing Authorization vulnerability in Smartypants SP Project & Document Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SP Project & Document Manager: from n/a through 4.70. | ||||
| CVE-2025-12062 | 2 Flippercode, Wordpress | 2 Wp Maps – Store Locator,google Maps,openstreetmap,mapbox,listing,directory & Filters, Wordpress | 2026-02-18 | 8.8 High |
| The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8.6 via the fc_load_template function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .html files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .html file types can be uploaded and included. | ||||
| CVE-2026-0929 | 2 Registrationmagic, Wordpress | 2 Registrationmagic, Wordpress | 2026-02-18 | 4.3 Medium |
| The RegistrationMagic WordPress plugin before 6.0.7.2 does not have proper capability checks, allowing subscribers and above to create forms on the site. | ||||
| CVE-2026-1216 | 2 Rebelcode, Wordpress | 2 Rss Aggregator – Rss Import, News Feeds, Feed To Post, And Autoblogging, Wordpress | 2026-02-18 | 7.2 High |
| The RSS Aggregator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'template' parameter in all versions up to, and including, 5.0.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | ||||
| CVE-2026-1490 | 2 Cleantalk, Wordpress | 2 Spam Protection, Honeypot, Anti-spam By Cleantalk, Wordpress | 2026-02-18 | 9.8 Critical |
| The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS (PTR record) spoofing on the 'checkWithoutToken' function in all versions up to, and including, 6.71. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. Note: This is only exploitable on sites with an invalid API key. | ||||
| CVE-2026-1657 | 2 Metagauss, Wordpress | 2 Eventprime – Events Calendar, Bookings And Tickets, Wordpress | 2026-02-18 | 5.3 Medium |
| The EventPrime plugin for WordPress is vulnerable to unauthorized image file upload in all versions up to, and including, 4.2.8.4. This is due to the plugin registering the upload_file_media AJAX action as publicly accessible (nopriv-enabled) without implementing any authentication, authorization, or nonce verification despite a nonce being created. This makes it possible for unauthenticated attackers to upload image files to the WordPress uploads directory and create Media Library attachments via the ep_upload_file_media endpoint. | ||||
| CVE-2026-1750 | 2 Ecwid, Wordpress | 2 Ecwid By Lightspeed Ecommerce Shopping Cart, Wordpress | 2026-02-18 | 8.8 High |
| The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.0.7. This is due to a missing capability check in the 'save_custom_user_profile_fields' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to supply the 'ec_store_admin_access' parameter during a profile update and gain store manager access to the site. | ||||
| CVE-2026-1793 | 2 Bdthemes, Wordpress | 2 Element Pack Addons For Elementor, Wordpress | 2026-02-18 | 6.5 Medium |
| The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'render_svg' function. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. | ||||
| CVE-2026-2001 | 2 Wordpress, Wpxpo | 2 Wordpress, Wowrevenue – Product Bundles & Bulk Discounts | 2026-02-18 | 8.8 High |
| The WowRevenue plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'Notice::install_activate_plugin' function in all versions up to, and including, 2.1.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins on the affected site's server which may make remote code execution possible. | ||||
| CVE-2026-2002 | 2 Wordpress, Wpmudev | 2 Wordpress, Forminator Forms – Contact Form, Payment Form & Custom Form Builder | 2026-02-18 | 4.4 Medium |
| The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form_name parameter in all versions up to, and including, 1.50.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The plugin allows admins to give form management permissions to lower level users, which could make this exploitable by users such as subscribers. | ||||