Total CVEs

136,978

Critical Severity

3,261

High Severity

12,146

Last 7 Days

1,841
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 141 - 160 of 33,383 CVEs
CVE-2026-40798 CRITICAL - 9.3

Unauthenticated SQL Injection in wpForo Forum <= 3.0.4 versions.

Vendor: Tomdever
Product: wpForo Forum
Published: Jun 15, 2026
Source: NVD
CVE-2026-40796 MEDIUM - 6.5

Subscriber Sensitive Data Exposure in WPPizza <= 3.19.9 versions.

Vendor: ollybach
Product: WPPizza
Published: Jun 15, 2026
Source: NVD
CVE-2026-40795 MEDIUM - 6.5

Subscriber Broken Access Control in Amelia <= 2.2 versions.

Vendor: TMS
Product: Amelia
Published: Jun 15, 2026
Source: NVD
CVE-2026-40794 MEDIUM - 6.5

Subscriber Broken Access Control in myCred <= 3.0.3 versions.

Vendor: myCred
Product: myCred
Published: Jun 15, 2026
Source: NVD
CVE-2026-40793 MEDIUM - 6.5

Subscriber Broken Access Control in Groundhogg < 4.4.1 versions.

Vendor: Groundhogg
Product: Groundhogg
Published: Jun 15, 2026
Source: NVD
CVE-2026-40792 MEDIUM - 6.3

Subscriber Insecure Direct Object References (IDOR) in KiviCare <= 4.2.1 versions.

Vendor: Iqonic Design
Product: KiviCare
Published: Jun 15, 2026
Source: NVD
CVE-2026-40791 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in WP Time Slots Booking Form <= 1.2.46 versions.

Vendor: codepeople
Product: WP Time Slots Booking Form
Published: Jun 15, 2026
Source: NVD
CVE-2026-40790 MEDIUM - 6.5

Subscriber Sensitive Data Exposure in WP SMS <= 7.2.1 versions.

Vendor: VeronaLabs
Product: WP SMS
Published: Jun 15, 2026
Source: NVD
CVE-2026-40789 HIGH - 7.5

Unauthenticated Sensitive Data Exposure in Amelia <= 2.2 versions.

Vendor: TMS
Product: Amelia
Published: Jun 15, 2026
Source: NVD
CVE-2026-40788 HIGH - 7.1

Subscriber Broken Access Control in ChatBot <= 7.9.7 versions.

Vendor: QuantumCloud
Product: ChatBot
Published: Jun 15, 2026
Source: NVD
CVE-2026-40787 HIGH - 7.1

Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.0.0 versions.

Vendor: ExpressTech
Product: Quiz And Survey Master
Published: Jun 15, 2026
Source: NVD
CVE-2026-40785 HIGH - 7.1

Subscriber Broken Authentication in AutomatorWP <= 5.6.7 versions.

Vendor: Ruben Garcia
Product: AutomatorWP
Published: Jun 15, 2026
Source: NVD
CVE-2026-40782 MEDIUM - 6.5

Unauthenticated Broken Access Control in WPAdverts <= 2.3.0 versions.

Vendor: Greg Winiarski
Product: WPAdverts
Published: Jun 15, 2026
Source: NVD
CVE-2026-40781 HIGH - 7.5

Unauthenticated Broken Authentication in ReviewX <= 2.3.6 versions.

Vendor: ReviewX
Product: ReviewX
Published: Jun 15, 2026
Source: NVD
CVE-2026-40779 HIGH - 7.7

Contributor Arbitrary File Deletion in Link Library <= 7.8.8 versions.

Vendor: Yannick Lefebvre
Product: Link Library
Published: Jun 15, 2026
Source: NVD
CVE-2026-40776 HIGH - 7.5

Unauthenticated Broken Access Control in WP Event SOlution <= 4.1.8 versions.

Vendor: Arraytics
Product: WP Event SOlution
Published: Jun 15, 2026
Source: NVD
CVE-2026-40775 HIGH - 7.3

Unauthenticated Broken Access Control in Royal MCP <= 1.4.2 versions.

Vendor: Royal Plugins
Product: Royal MCP
Published: Jun 15, 2026
Source: NVD
CVE-2026-40774 HIGH - 7.5

Unauthenticated Broken Access Control in Booking Package <= 1.7.06 versions.

Vendor: SaasProject
Product: Booking Package
Published: Jun 15, 2026
Source: NVD
CVE-2026-40773 MEDIUM - 6.5

Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions.

Vendor: rtCamp Inc.
Product: rtMedia for WordPress, BuddyPress and bbPress
Published: Jun 15, 2026
Source: NVD
CVE-2026-40772 CRITICAL - 10.0

Unauthenticated Arbitrary File Upload in GeekyBot <= 1.2.2 versions.

Vendor: Ahmad
Product: GeekyBot
Published: Jun 15, 2026
Source: NVD