Browse CVEs | Page 77

Total CVEs

138,463

Critical Severity

3,569

High Severity

12,815

Last 7 Days

1,990

Clear Filters

📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →

Showing 1,521 - 1,540 of 34,868 CVEs

CVE-2026-52703 CRITICAL - 9.6

Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.

Vendor: Ninja Team

Product: FastDup

Published: Jun 15, 2026

Source: NVD

CVE-2026-52702 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in SEO Redirection <= 9.17 versions.

Vendor: wp-buy

Product: SEO Redirection

Published: Jun 15, 2026

Source: NVD

CVE-2026-52700 HIGH - 8.5

Subscriber SQL Injection in WCMultiShipping <= 3.0.2 versions.

Vendor: WcMultishipping – Mondial Relay & Chronopost for Wooommerce

Product: WCMultiShipping

Published: Jun 15, 2026

Source: NVD

CVE-2026-52699 HIGH - 7.5

Unauthenticated Insecure Direct Object References (IDOR) in VikRentCar <= 1.4.5 versions.

Vendor: e4jvikwp

Product: VikRentCar

Published: Jun 15, 2026

Source: NVD

CVE-2026-52697 HIGH - 8.5

Subscriber SQL Injection in Taskbuilder <= 5.0.7 versions.

Vendor: Taskbuilder

Product: Taskbuilder

Published: Jun 15, 2026

Source: NVD

CVE-2026-52695 HIGH - 7.5

Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout <= 1.8.2 versions.

Vendor: Al Monsor

Product: ABC Crypto Checkout

Published: Jun 15, 2026

Source: NVD

CVE-2026-52694 HIGH - 7.5

Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce <= 2.0 versions.

Vendor: WP E-Signature

Product: Signature Add-On for WooCommerce

Published: Jun 15, 2026

Source: NVD

CVE-2026-52693 CRITICAL - 9.3

Unauthenticated SQL Injection in eCommerce Product Catalog <= 3.5.5 versions.

Vendor: impleCode

Product: eCommerce Product Catalog

Published: Jun 15, 2026

Source: NVD

CVE-2026-52692 HIGH - 7.5

Unauthenticated Sensitive Data Exposure in Affiliates Manager <= 2.9.50 versions.

Vendor: wp.insider

Product: Affiliates Manager

Published: Jun 15, 2026

Source: NVD

CVE-2026-49781 CRITICAL - 9.8

Unauthenticated PHP Object Injection in OttoKit <= 1.1.27 versions.

Vendor: Brainstorm Force

Product: OttoKit

Published: Jun 15, 2026

Source: NVD

CVE-2026-49780 HIGH - 8.8

Customer Privilege Escalation in Dokan <= 5.0.2 versions.

Vendor: Dokan, Inc.

Product: Dokan

Published: Jun 15, 2026

Source: NVD

CVE-2026-49776 CRITICAL - 9.3

Unauthenticated SQL Injection in GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites <= 2.32.6 versions.

Vendor: JExtensions Store

Product: GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites

Published: Jun 15, 2026

Source: NVD

CVE-2026-49775 MEDIUM - 6.5

Unauthenticated Broken Access Control in Welcart e-Commerce <= 2.11.28 versions.

Vendor: info@welcart

Product: Welcart e-Commerce

Published: Jun 15, 2026

Source: NVD

CVE-2026-49773 MEDIUM - 6.5

Subscriber Cross Site Scripting (XSS) in FV Flowplayer Video Player < 7.5.51.7212 versions.

Vendor: FolioVision

Product: FV Flowplayer Video Player

Published: Jun 15, 2026

Source: NVD

CVE-2026-49770 CRITICAL - 9.8

Unauthenticated PHP Object Injection in WP Travel Engine <= 6.7.12 versions.

Vendor: WP Travel Engine

Product: WP Travel Engine

Published: Jun 15, 2026

Source: NVD

CVE-2026-49769 CRITICAL - 9.8

Unauthenticated PHP Object Injection in wpForo Forum <= 3.1.0 versions.

Vendor: Tomdever

Product: wpForo Forum

Published: Jun 15, 2026

Source: NVD

CVE-2026-49768 CRITICAL - 9.8

Unauthenticated PHP Object Injection in Happyforms <= 1.26.13 versions.

Vendor: Happyforms

Product: Happyforms

Published: Jun 15, 2026

Source: NVD

CVE-2026-49766 CRITICAL - 9.9

Subscriber Arbitrary File Deletion in WP User Manager <= 2.9.16 versions.

Vendor: WP User Manager

Product: WP User Manager

Published: Jun 15, 2026

Source: NVD

CVE-2026-49765 CRITICAL - 9.8

Unauthenticated PHP Object Injection in Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.8 versions.

Vendor: CRM Perks

Product: Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms

Published: Jun 15, 2026

Source: NVD

CVE-2026-49764 CRITICAL - 9.8

Unauthenticated Broken Authentication in RegistrationMagic <= 6.0.8.6 versions.

Vendor: Metagauss

Product: RegistrationMagic

Published: Jun 15, 2026

Source: NVD

« Previous 75 76 77 78 79 Next »