Total CVEs

137,241

Critical Severity

3,307

High Severity

12,254

Last 7 Days

1,423
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 41 - 60 of 3,181 CVEs
CVE-2026-48881 CRITICAL - 9.1

Unauthenticated Broken Access Control in TrueBooker <= 1.1.9 versions.

Vendor: themetechmount
Product: TrueBooker
Published: Jun 15, 2026
Source: NVD
CVE-2026-48836 CRITICAL - 10.0

Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions.

Vendor: MantraBrain
Product: Easy Invoice
Published: Jun 15, 2026
Source: NVD
CVE-2026-45439 CRITICAL - 9.3

Unauthenticated SQL Injection in Realtyna Organic IDX plugin <= 5.1.0 versions.

Vendor: Realtyna
Product: Realtyna Organic IDX plugin
Published: Jun 15, 2026
Source: NVD
CVE-2026-42665 CRITICAL - 9.3

Unauthenticated SQL Injection in WP Data Access <= 5.5.70 versions.

Vendor: Passionate Programmer Peter
Product: WP Data Access
Published: Jun 15, 2026
Source: NVD
CVE-2026-42639 CRITICAL - 9.3

Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions.

Vendor: Dev4Press
Product: GD Rating System
Published: Jun 15, 2026
Source: NVD
CVE-2026-42386 CRITICAL - 9.3

Unauthenticated SQL Injection in Order Delivery Date for WooCommerce <= 4.5.1 versions.

Vendor: tychesoftwares
Product: Order Delivery Date for WooCommerce
Published: Jun 15, 2026
Source: NVD
CVE-2026-42381 CRITICAL - 9.3

Unauthenticated SQL Injection in Funnel Builder by FunnelKit <= 3.15.0.1 versions.

Vendor: FunnelKit
Product: Funnel Builder by FunnelKit
Published: Jun 15, 2026
Source: NVD
CVE-2026-40798 CRITICAL - 9.3

Unauthenticated SQL Injection in wpForo Forum <= 3.0.4 versions.

Vendor: Tomdever
Product: wpForo Forum
Published: Jun 15, 2026
Source: NVD
CVE-2026-40772 CRITICAL - 10.0

Unauthenticated Arbitrary File Upload in GeekyBot <= 1.2.2 versions.

Vendor: Ahmad
Product: GeekyBot
Published: Jun 15, 2026
Source: NVD
CVE-2026-40771 CRITICAL - 9.3

Unauthenticated SQL Injection in Contest Gallery <= 28.1.6 versions.

Vendor: Wasiliy Strecker
Product: Contest Gallery
Published: Jun 15, 2026
Source: NVD
CVE-2026-39591 CRITICAL - 9.9

Subscriber Arbitrary File Upload in WP-BusinessDirectory <= 4.0.0 versions.

Vendor: CMSJunkie โ€“ WordPress Business Directory Plugins
Product: WP-BusinessDirectory
Published: Jun 15, 2026
Source: NVD
CVE-2026-39583 CRITICAL - 9.8

Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery <= 2.6.62 versions.

Vendor: Datalogics
Product: Datalogics Ecommerce Delivery
Published: Jun 15, 2026
Source: NVD
CVE-2026-39530 CRITICAL - 9.3

Unauthenticated SQL Injection in SpeakOut! Email Petitions <= 4.6.5 versions.

Vendor: SpeakOut!
Product: SpeakOut! Email Petitions
Published: Jun 15, 2026
Source: NVD
CVE-2026-39519 CRITICAL - 9.3

Unauthenticated SQL Injection in GeekyBot <= 1.2.0 versions.

Vendor: Ahmad
Product: GeekyBot
Published: Jun 15, 2026
Source: NVD
CVE-2026-39512 CRITICAL - 9.3

Unauthenticated SQL Injection in GeoDirectory <= 2.8.152 versions.

Vendor: Paolo
Product: GeoDirectory
Published: Jun 15, 2026
Source: NVD
CVE-2026-39511 CRITICAL - 9.3

Unauthenticated SQL Injection in WP Photo Album Plus <= 9.1.08.001 versions.

Vendor: Jacob N. Breetvelt
Product: WP Photo Album Plus
Published: Jun 15, 2026
Source: NVD
CVE-2026-39502 CRITICAL - 9.3

Unauthenticated SQL Injection in Form Maker by 10Web <= 1.15.38 versions.

Vendor: 10Web
Product: Form Maker by 10Web
Published: Jun 15, 2026
Source: NVD
CVE-2026-39493 CRITICAL - 9.3

Unauthenticated SQL Injection in Simply Schedule Appointments <= 1.6.9.27 versions.

Vendor: NSquared
Product: Simply Schedule Appointments
Published: Jun 15, 2026
Source: NVD
CVE-2026-39492 CRITICAL - 9.3

Unauthenticated SQL Injection in WP Maps <= 4.9.1 versions.

Vendor: Flipper Code โ€“ WordPress Development Company
Product: WP Maps
Published: Jun 15, 2026
Source: NVD
CVE-2026-39465 CRITICAL - 9.1

Editor Remote Code Execution (RCE) in Responsive Slider by MetaSlider <= 3.106.0 versions.

Vendor: MetaSlider
Product: Responsive Slider by MetaSlider
Published: Jun 15, 2026
Source: NVD