Total CVEs

143,749

Critical Severity

4,091

High Severity

14,758

Last 7 Days

1,515
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 2,021 - 2,040 of 40,154 CVEs
CVE-2026-57345 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Internal Links Manager <= 3.0.3 versions.

Vendor: Webraketen
Product: Internal Links Manager
Published: Jul 02, 2026
Source: NVD
CVE-2026-57344 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.4.2 versions.

Vendor: RadiusTheme
Product: Classified Listing
Published: Jul 02, 2026
Source: NVD
CVE-2026-57343 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Real Estate 7 <= 3.5.9 versions.

Vendor: Contempoinc
Product: Real Estate 7
Published: Jul 02, 2026
Source: NVD
CVE-2026-57342 MEDIUM - 6.5

Subscriber Cross Site Scripting (XSS) in ShortPixel Adaptive Images <= 3.11.3 versions.

Vendor: ShortPixel
Product: ShortPixel Adaptive Images
Published: Jul 02, 2026
Source: NVD
CVE-2026-56037 HIGH - 8.8

Deserialization of Untrusted Data vulnerability in Themify Themify Popup allows Object Injection. This issue affects Themify Popup: from n/a through 1.4.3.

Vendor: Themify
Product: Themify Popup
Published: Jul 02, 2026
Source: NVD
CVE-2026-49779 MEDIUM - 6.5

Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3 versions.

Vendor: Addify
Product: Tax Exempt for WooCommerce
Published: Jul 02, 2026
Source: NVD
CVE-2026-42382 HIGH - 8.1

Unauthenticated Local File Inclusion in Audrey <= 1.5 versions.

Vendor: Elated-Themes
Product: Audrey
Published: Jul 02, 2026
Source: NVD
CVE-2026-39448 HIGH - 7.5

Unauthenticated Broken Access Control in NOWPayments for WooCommerce <= 1.4.0 versions.

Vendor: CoderPress
Product: NOWPayments for WooCommerce
Published: Jul 02, 2026
Source: NVD
CVE-2026-27436 CRITICAL - 9.1

Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions.

Vendor: Rustaurius
Product: Five Star Business Profile and Schema
Published: Jul 02, 2026
Source: NVD
CVE-2026-27433 MEDIUM - 6.5

Unauthenticated Broken Access Control in Motors <= 5.6.80 versions.

Vendor: StylemixThemes
Product: Motors
Published: Jul 02, 2026
Source: NVD
CVE-2026-27430 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in TheFox <= 3.9.76 versions.

Vendor: tranmautritam
Product: TheFox
Published: Jul 02, 2026
Source: NVD
CVE-2026-27426 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Automotive Car Dealership Business <= 13.3.3 versions.

Vendor: Themesuite
Product: Automotive Car Dealership Business
Published: Jul 02, 2026
Source: NVD
CVE-2026-27425 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Automotive Listings <= 18.6 versions.

Vendor: Themesuite
Product: Automotive Listings
Published: Jul 02, 2026
Source: NVD
CVE-2026-27419 CRITICAL - 9.9

Subscriber Arbitrary File Upload in Zegen <= 1.1.9 versions.

Vendor: Zozothemes
Product: Zegen
Published: Jul 02, 2026
Source: NVD
CVE-2026-27414 HIGH - 8.8

Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions.

Vendor: Fuelthemes
Product: Werkstatt
Published: Jul 02, 2026
Source: NVD
CVE-2026-27412 HIGH - 8.1

Unauthenticated Local File Inclusion in Pearl - Corporate Business <= 3.4.10 versions.

Vendor: StylemixThemes
Product: Pearl - Corporate Business
Published: Jul 02, 2026
Source: NVD
CVE-2026-27408 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in NativeChurch <= 4.8.8.2 versions.

Vendor: imithemes
Product: NativeChurch
Published: Jul 02, 2026
Source: NVD
CVE-2026-27404 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in LMS <= 9.7 versions.

Vendor: Designthemes
Product: LMS
Published: Jul 02, 2026
Source: NVD
CVE-2026-27402 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Kids Life | Children School WordPress <= 5.2 versions.

Vendor: Designthemes
Product: Kids Life | Children School WordPress
Published: Jul 02, 2026
Source: NVD
CVE-2026-27060 HIGH - 8.8

Contributor PHP Object Injection in ARMember Premium <= 7.0 versions.

Vendor: Reputeinfosystems
Product: ARMember Premium
Published: Jul 02, 2026
Source: NVD