Total CVEs

136,968

Critical Severity

3,261

High Severity

12,143

Last 7 Days

1,831
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 101 - 120 of 33,373 CVEs
CVE-2026-42743 MEDIUM - 6.5

Unauthenticated Broken Authentication in Masteriyo - LMS <= 2.1.8 versions.

Vendor: ThemeGrill
Product: Masteriyo - LMS
Published: Jun 15, 2026
Source: NVD
CVE-2026-42688 MEDIUM - 6.5

Subscriber Cross Site Scripting (XSS) in Modula Image Gallery <= 2.14.23 versions.

Vendor: WP Chill
Product: Modula Image Gallery
Published: Jun 15, 2026
Source: NVD
CVE-2026-42687 HIGH - 8.1

Unauthenticated PHP Object Injection in EventPrime <= 4.3.2.1 versions.

Vendor: EventPrime
Product: EventPrime
Published: Jun 15, 2026
Source: NVD
CVE-2026-42686 HIGH - 7.1

Subscriber Cross Site Scripting (XSS) in EventPrime <= 4.3.2.1 versions.

Vendor: EventPrime
Product: EventPrime
Published: Jun 15, 2026
Source: NVD
CVE-2026-42668 HIGH - 7.5

Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend <= 1.18.0 versions.

Vendor: Omnisend
Product: Email Marketing for WooCommerce by Omnisend
Published: Jun 15, 2026
Source: NVD
CVE-2026-42667 HIGH - 7.5

Unauthenticated Sensitive Data Exposure in Bookly <= 27.4 versions.

Vendor: Bookly
Product: Bookly
Published: Jun 15, 2026
Source: NVD
CVE-2026-42666 HIGH - 7.5

Unauthenticated Broken Access Control in Salon booking system <= 10.30.25 versions.

Vendor: Dimitri Grassi
Product: Salon booking system
Published: Jun 15, 2026
Source: NVD
CVE-2026-42665 CRITICAL - 9.3

Unauthenticated SQL Injection in WP Data Access <= 5.5.70 versions.

Vendor: Passionate Programmer Peter
Product: WP Data Access
Published: Jun 15, 2026
Source: NVD
CVE-2026-42664 HIGH - 8.2

Unauthenticated Broken Access Control in AI Product Search for WooCommerce &#8211; Motive Commerce Search <= 1.38.2 versions.

Vendor: Motive Commerce Search
Product: AI Product Search for WooCommerce &#8211; Motive Commerce Search
Published: Jun 15, 2026
Source: NVD
CVE-2026-42663 MEDIUM - 6.5

Unauthenticated Cross Site Scripting (XSS) in Simple Membership <= 4.7.2 versions.

Vendor: wp.insider
Product: Simple Membership
Published: Jun 15, 2026
Source: NVD
CVE-2026-42662 MEDIUM - 6.5

Unauthenticated Bypass Vulnerability in Event Tickets <= 5.27.5 versions.

Vendor: Liquid Web / StellarWP
Product: Event Tickets
Published: Jun 15, 2026
Source: NVD
CVE-2026-42661 HIGH - 8.8

Custom role Path Traversal in WP Customer Area <= 8.3.4 versions.

Vendor: aguilatechnologies
Product: WP Customer Area
Published: Jun 15, 2026
Source: NVD
CVE-2026-42660 MEDIUM - 6.5

Subscriber Sensitive Data Exposure in Contest Gallery <= 28.1.7 versions.

Vendor: Wasiliy Strecker
Product: Contest Gallery
Published: Jun 15, 2026
Source: NVD
CVE-2026-42659 MEDIUM - 6.5

Subscriber Broken Access Control in Advanced Form Integration <= 1.126.12 versions.

Vendor: Nasir Ahmed
Product: Advanced Form Integration
Published: Jun 15, 2026
Source: NVD
CVE-2026-42658 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.3.8 versions.

Vendor: Mamunur Rashid
Product: Classified Listing
Published: Jun 15, 2026
Source: NVD
CVE-2026-42657 MEDIUM - 5.3

Unauthenticated Other Vulnerability Type in Contest Gallery <= 28.1.7 versions.

Vendor: Wasiliy Strecker
Product: Contest Gallery
Published: Jun 15, 2026
Source: NVD
CVE-2026-42656 MEDIUM - 6.5

Subscriber Cross Site Scripting (XSS) in Contest Gallery <= 28.1.6 versions.

Vendor: Wasiliy Strecker
Product: Contest Gallery
Published: Jun 15, 2026
Source: NVD
CVE-2026-42655 MEDIUM - 5.9

Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP <= 4.6.19 versions.

Vendor: WPManageNinja
Product: Best Payments Plugin for WP
Published: Jun 15, 2026
Source: NVD
CVE-2026-42651 MEDIUM - 6.3

Subscriber Broken Access Control in Classified Listing <= 5.3.9 versions.

Vendor: Mamunur Rashid
Product: Classified Listing
Published: Jun 15, 2026
Source: NVD
CVE-2026-42650 HIGH - 7.2

Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.6.7 versions.

Vendor: Ruben Garcia
Product: AutomatorWP
Published: Jun 15, 2026
Source: NVD