Total CVEs

143,793

Critical Severity

4,093

High Severity

14,778

Last 7 Days

1,504
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 2,021 - 2,040 of 40,198 CVEs
CVE-2026-57730 MEDIUM - 4.3

Subscriber Broken Access Control in Flatsome <= 3.20.5 versions.

Vendor: UX-themes
Product: Flatsome
Published: Jul 02, 2026
Source: NVD
CVE-2026-57690 MEDIUM - 4.3

Unauthenticated Cross Site Request Forgery (CSRF) in Werkstatt <= 4.7.2 versions.

Vendor: Fuelthemes
Product: Werkstatt
Published: Jul 02, 2026
Source: NVD
CVE-2026-57689 MEDIUM - 4.3

Subscriber Broken Access Control in Werkstatt <= 4.7.2 versions.

Vendor: Fuelthemes
Product: Werkstatt
Published: Jul 02, 2026
Source: NVD
CVE-2026-57688 HIGH - 8.2

Unauthenticated Broken Access Control in POS Entegratör <= 3.7.103 versions.

Vendor: Gurmehub
Product: POS Entegratör
Published: Jul 02, 2026
Source: NVD
CVE-2026-57687 HIGH - 8.5

Contributor SQL Injection in Custom Field Template <= 2.7.8 versions.

Vendor: Hiroaki Miyashita
Product: Custom Field Template
Published: Jul 02, 2026
Source: NVD
CVE-2026-57686 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in WowAddons <= 1.6.14 versions.

Vendor: WPXPO
Product: WowAddons
Published: Jul 02, 2026
Source: NVD
CVE-2026-57685 MEDIUM - 4.3

Subscriber Broken Access Control in Martfury - WooCommerce Marketplace WordPress Theme <= 3.2.8 versions.

Vendor: drfuri
Product: Martfury - WooCommerce Marketplace WordPress Theme
Published: Jul 02, 2026
Source: NVD
CVE-2026-57684 MEDIUM - 6.5

Contributor Cross Site Scripting (XSS) in TheFox <= 3.9.70 versions.

Vendor: tranmautritam
Product: TheFox
Published: Jul 02, 2026
Source: NVD
CVE-2026-57683 CRITICAL - 9.3

Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions.

Vendor: Epsiloncool
Product: WP Fast Total Search
Published: Jul 02, 2026
Source: NVD
CVE-2026-57682 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Simple Link Directory <= 15.0.5 versions.

Vendor: QuantumCloud
Product: Simple Link Directory
Published: Jul 02, 2026
Source: NVD
CVE-2026-57681 MEDIUM - 6.4

Subscriber Server Side Request Forgery (SSRF) in GeoDirectory <= 2.8.161 versions.

Vendor: Paolo
Product: GeoDirectory
Published: Jul 02, 2026
Source: NVD
CVE-2026-57680 MEDIUM - 6.5

Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions.

Vendor: Themeum
Product: Kirki
Published: Jul 02, 2026
Source: NVD
CVE-2026-57679 CRITICAL - 9.3

Unauthenticated SQL Injection in GeekyBot <= 1.2.5 versions.

Vendor: Ahmadgb
Product: GeekyBot
Published: Jul 02, 2026
Source: NVD
CVE-2026-57678 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemePunch Slider Revolution allows Reflected XSS. This issue affects Slider Revolution: from 7.0.0 through 7.0.16.

Vendor: ThemePunch
Product: Slider Revolution
Published: Jul 02, 2026
Source: NVD
CVE-2026-57677 CRITICAL - 9.8

Unauthenticated PHP Object Injection in Novalnet Payment Gateway for WooCommerce <= 12.10.3 versions.

Vendor: Novalnet
Product: Novalnet Payment Gateway for WooCommerce
Published: Jul 02, 2026
Source: NVD
CVE-2026-57675 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in WP Photo Album Plus <= 9.2.02.004 versions.

Vendor: Jacob N. Breetvelt
Product: WP Photo Album Plus
Published: Jul 02, 2026
Source: NVD
CVE-2026-57674 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Timetics <= 1.0.58 versions.

Vendor: Arraytics
Product: Timetics
Published: Jul 02, 2026
Source: NVD
CVE-2026-57673 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Optimole <= 4.2.7 versions.

Vendor: Optimole
Product: Optimole
Published: Jul 02, 2026
Source: NVD
CVE-2026-57672 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in wpDataTables <= 6.5.1.1 versions.

Vendor: Melograno Venture Studio
Product: wpDataTables
Published: Jul 02, 2026
Source: NVD
CVE-2026-57671 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in perfmatters <= 2.6.4 versions.

Vendor: Perfmatters
Product: perfmatters
Published: Jul 02, 2026
Source: NVD