Browse CVEs | Page 32

Total CVEs

140,303

Critical Severity

3,711

High Severity

13,344

Last 7 Days

1,812

Clear Filters

📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →

Showing 621 - 640 of 36,708 CVEs

CVE-2026-56053 HIGH - 8.8

Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 versions.

Vendor: EventPrime

Product: EventPrime

Published: Jun 25, 2026

Source: NVD

CVE-2026-56051 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions.

Vendor: TablePress

Product: TablePress

Published: Jun 25, 2026

Source: NVD

CVE-2026-56050 MEDIUM - 6.5

Improper Access Control vulnerability in Themeisle PPOM for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PPOM for WooCommerce: from n/a through 33.0.18.

Vendor: Themeisle

Product: PPOM for WooCommerce

Published: Jun 25, 2026

Source: NVD

CVE-2026-56049 HIGH - 8.5

Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions.

Vendor: Post Snippets

Product: Post Snippets

Published: Jun 25, 2026

Source: NVD

CVE-2026-56042 HIGH - 7.1

Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.

Vendor: Algolplus

Product: Advanced Order Export For WooCommerce

Published: Jun 25, 2026

Source: NVD

CVE-2026-56023 MEDIUM - 5.4

Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce <= 1.6.2 versions.

Vendor: Knit Pay

Product: UPI QR Code Payment Gateway for WooCommerce

Published: Jun 25, 2026

Source: NVD

CVE-2026-56014 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions.

Vendor: Averta

Product: Master Slider

Published: Jun 25, 2026

Source: NVD

CVE-2026-56013 MEDIUM - 6.5

Unauthenticated Insecure Direct Object References (IDOR) in License Manager for WooCommerce <= 3.0.15 versions.

Vendor: myCred

Product: License Manager for WooCommerce

Published: Jun 25, 2026

Source: NVD

CVE-2026-56006 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in H5P <= 1.17.6 versions.

Vendor: H5P

Product: H5P

Published: Jun 25, 2026

Source: NVD

CVE-2026-56005 HIGH - 7.1

Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions.

Vendor: Melapress

Product: WP Activity Log

Published: Jun 25, 2026

Source: NVD

CVE-2026-54849 CRITICAL - 9.3

Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce <= 1.1.11 versions.

Vendor: Premmerce

Product: Premmerce Wishlist for WooCommerce

Published: Jun 25, 2026

Source: NVD

CVE-2026-54848 HIGH - 8.3

Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal APIExperts Square for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects APIExperts Square for WooCommerce: from n/a through 4.7.3.

Vendor: Saad Iqbal

Product: APIExperts Square for WooCommerce

Published: Jun 25, 2026

Source: NVD

CVE-2026-54845 HIGH - 8.1

Unauthenticated Local File Inclusion in MDTF <= 1.3.8 versions.

Vendor: PluginUs.Net

Product: MDTF

Published: Jun 25, 2026

Source: NVD

CVE-2026-54844 HIGH - 7.5

Unauthenticated Broken Access Control in CheckView Automated Testing <= 2.1.0 versions.

Vendor: CheckView

Product: CheckView Automated Testing

Published: Jun 25, 2026

Source: NVD

CVE-2026-54843 CRITICAL - 9.3

Unauthenticated SQL Injection in MDTF <= 1.3.7 versions.

Vendor: PluginUs.Net

Product: MDTF

Published: Jun 25, 2026

Source: NVD

CVE-2026-54842 HIGH - 8.1

Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal MCP: from n/a through 1.4.25.

Vendor: Royal Plugins

Product: Royal MCP

Published: Jun 25, 2026

Source: NVD

CVE-2026-54841 HIGH - 7.5

Unauthenticated Sensitive Data Exposure in Vitepos <= 3.4.2 versions.

Vendor: Appsbd

Product: Vitepos

Published: Jun 25, 2026

Source: NVD

CVE-2026-54838 HIGH - 8.5

Subscriber SQL Injection in WC Vendors Marketplace <= 2.6.8 versions.

Vendor: Rymera Web Co

Product: WC Vendors Marketplace

Published: Jun 25, 2026

Source: NVD

CVE-2026-54836 CRITICAL - 9.3

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YMC Filter allows SQL Injection. This issue affects YMC Filter: from n/a through 3.11.5.

Vendor: YMC

Product: YMC Filter

Published: Jun 25, 2026

Source: NVD

CVE-2026-54830 HIGH - 7.5

Unauthenticated Broken Access Control in Five Star Restaurant Reservations <= 2.7.19 versions.

Vendor: Etoile Web Design Incorporated

Product: Five Star Restaurant Reservations

Published: Jun 25, 2026

Source: NVD

« Previous 30 31 32 33 34 Next »