Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2026-39533 2026-06-15 HIGH 7.5 Unauthenticated Broken Access Control in AWP Classifieds
CVE-2026-39532 2026-06-15 HIGH 8.8 Contributor PHP Object Injection in Events Calendar for GeoDirectory
CVE-2026-39530 2026-06-15 CRITICAL 9.3 Unauthenticated SQL Injection in SpeakOut! Email Petitions
CVE-2026-39527 2026-06-15 MEDIUM 5.4 Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions.
CVE-2026-39525 2026-06-15 MEDIUM 6.5 Unauthenticated Broken Access Control in Booking Activities
CVE-2026-39524 2026-06-15 HIGH 7.5 Unauthenticated Broken Access Control in Masteriyo - LMS
CVE-2026-39519 2026-06-15 CRITICAL 9.3 Unauthenticated SQL Injection in GeekyBot
CVE-2026-39518 2026-06-15 HIGH 7.1 Subscriber Insecure Direct Object References (IDOR) in EventPrime
CVE-2026-39515 2026-06-15 MEDIUM 6.5 Subscriber Broken Access Control in Motors < 1.4.107 versions.
CVE-2026-39514 2026-06-15 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in Paid Member Subscriptions
CVE-2026-39513 2026-06-15 HIGH 7.5 Unauthenticated Broken Access Control in Easy Appointments
CVE-2026-39512 2026-06-15 CRITICAL 9.3 Unauthenticated SQL Injection in GeoDirectory
CVE-2026-39511 2026-06-15 CRITICAL 9.3 Unauthenticated SQL Injection in WP Photo Album Plus
CVE-2026-39507 2026-06-15 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in Social Slider Feed
CVE-2026-39503 2026-06-15 HIGH 7.5 Unauthenticated Broken Access Control in Easy Digital Downloads
CVE-2026-39502 2026-06-15 CRITICAL 9.3 Unauthenticated SQL Injection in Form Maker by 10Web
CVE-2026-39499 2026-06-15 HIGH 7.2 Shop manager PHP Object Injection in Advanced Product Fields (Product Addons) for WooCommerce
CVE-2026-39498 2026-06-15 HIGH 7.2 Shop manager PHP Object Injection in YayMail
CVE-2026-39493 2026-06-15 CRITICAL 9.3 Unauthenticated SQL Injection in Simply Schedule Appointments
CVE-2026-39492 2026-06-15 CRITICAL 9.3 Unauthenticated SQL Injection in WP Maps
CVE-2026-39491 2026-06-15 MEDIUM 6.5 Subscriber Cross Site Scripting (XSS) in JupiterX Core
CVE-2026-39489 2026-06-15 MEDIUM 4.4 Author Arbitrary File Download in Download Monitor
CVE-2026-39481 2026-06-15 HIGH 7.2 Author PHP Object Injection in Modula Image Gallery
CVE-2026-39480 2026-06-15 HIGH 7.5 Unauthenticated Sensitive Data Exposure in Backup Migration
CVE-2026-39478 2026-06-15 HIGH 8.8 Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall
CVE-2026-39474 2026-06-15 HIGH 8.8 Contributor PHP Object Injection in Post Duplicator
CVE-2026-39472 2026-06-15 HIGH 7.2 Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips < 5.9.0 versions.
CVE-2026-39471 2026-06-15 HIGH 7.2 Author PHP Object Injection in ShortPixel Image Optimizer
CVE-2026-39470 2026-06-15 HIGH 7.2 Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery < 2.1.0 versions.
CVE-2026-39468 2026-06-15 MEDIUM 6.8 Contributor Arbitrary File Deletion in Meta Box – WordPress Custom Fields Framework
CVE-2026-39465 2026-06-15 CRITICAL 9.1 Editor Remote Code Execution (RCE) in Responsive Slider by MetaSlider
CVE-2026-39463 2026-06-15 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in ManageWP Worker
CVE-2026-39451 2026-06-15 MEDIUM 6.3 Unauthenticated Cross Site Scripting (XSS) in WP Google Review Slider
CVE-2026-39450 2026-06-15 HIGH 7.1 Subscriber Broken Authentication in FunnelKit Automations
CVE-2026-39449 2026-06-15 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in Contact Form to Any API
CVE-2026-39447 2026-06-15 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in Simply Schedule Appointments
CVE-2026-39441 2026-06-15 CRITICAL 9.3 Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free
CVE-2026-39435 2026-06-15 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in CformsII
CVE-2026-39434 2026-06-15 HIGH 7.2 Shop manager PHP Object Injection in CTX Feed
CVE-2026-34902 2026-06-15 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in WooCommerce Product Table Lite
CVE-2026-34901 2026-06-15 CRITICAL 9.8 Unauthenticated Privilege Escalation in iControlWP
CVE-2026-34900 2026-06-15 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in GiveWP
CVE-2026-34898 2026-06-15 HIGH 7.5 Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce
CVE-2026-34892 2026-06-15 MEDIUM 6.5 Subscriber Broken Access Control in Rank Math SEO
CVE-2026-34891 2026-06-15 HIGH 7.5 Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce
CVE-2026-34886 2026-06-15 HIGH 7.5 Unauthenticated Broken Access Control in Simple Membership
CVE-2026-27407 2026-06-15 HIGH 7.2 Editor Privilege Escalation in AI Engine
CVE-2026-27333 2026-06-15 HIGH 8.1 Unauthenticated Deserialization of untrusted data in Paid Videochat Turnkey Site
CVE-2026-27089 2026-06-15 HIGH 7.5 Unauthenticated Bypass Vulnerability in WpTravelly
CVE-2026-27053 2026-06-15 CRITICAL 9.8 Unauthenticated PHP Object Injection in Broadcast Live Video < 7.1.3 versions.
« Anterior Página 97 de 4528 Siguiente »