Export limit exceeded: 363054 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363054 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363054 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-54260 | 1 Wagtail | 1 Wagtail | 2026-07-02 | 4.3 Medium |
| Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, an authenticated admin user can trigger expensive rendition processing with purposefully crafted filter specs resulting in potentially service degradation. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin. This issue has been fixed in versions 7.0.8, 7.3.3, and 7.4.2. | ||||
| CVE-2026-55793 | 2026-07-02 | N/A | ||
| Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can store a malicious JavaScript payload in an entry title. When an admin, or any control panel user with saveEntries for the same Structure section, drags another entry under the poisoned entry in table view, the payload executes in the victim’s session. The issue is exploitable because the title is escaped into data-title by the server, decoded again by the browser, read with jQuery .data('title'), and then concatenated into a new HTML string without attribute escaping. To exploit, an attacker must have an existing control panel account (Author role minimum), the victim must perform a drag operation (not just visit the page), and the victim’s session needs to be elevated at trigger time. This issue has been fixed in version 5.9.23. | ||||
| CVE-2026-55791 | 2026-07-02 | N/A | ||
| Craft CMS is a content management system (CMS). Versions 4.0.0-RC1 and above, prior to 4.18.0 and 5.0.0-RC1, and above, prior to 5.10.0, are vulnerable to Server-Side Request Forgery (SSRF) and Arbitrary JavaScript Injection through the /actions/app/resource-js endpoint. By exploiting the default permissive trustedHosts configuration, an attacker can poison the Host or X-Forwarded-Host header to manipulate the application’s $baseUrl. This bypasses the endpoint’s internal URL validation, forcing the backend Guzzle client to fetch a malicious payload from an attacker-controlled server and reflect it to the client with a Content-Type: application/javascript header. The vulnerability manifests when assetManager.cacheSourcePaths is set to false. This issue has been fixed in versions 4.18.0 and 5.10.0. | ||||
| CVE-2026-11600 | 2026-07-02 | 4.3 Medium | ||
| The Envo's Templates & Widgets for Elementor and WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the Envo Tabs (and Off Canvas) widget's template rendering in versions up to, and including, 1.4.26. The render() method of the Tabs widget passes a user-controlled template/post ID directly to Elementor's get_builder_content_for_display() without verifying the referenced post's status (published/private/draft) or the visitor's authorization to view it. This makes it possible for authenticated attackers, with Author-level access and above, to disclose the contents of private Elementor-driven pages and templates to anonymous visitors by configuring an Envo Tabs widget on a public post to reference the private content's ID (which can be supplied by editing the underlying Elementor widget JSON via the Elementor editor REST API). | ||||
| CVE-2026-10104 | 2026-07-02 | 4.4 Medium | ||
| The Product Video Gallery for Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom_thumbnail Parameter in all versions up to, and including, 1.5.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with shop manager-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-13251 | 2 Perfmatters, Wordpress | 2 Perfmatters, Wordpress | 2026-07-02 | 7.5 High |
| The Perfmatters plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.4 via the 's' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. Exploitation requires the Local Google Fonts feature to be enabled (disabled by default), pretty permalinks to be active, and RSS feed links to remain enabled in the plugin settings. | ||||
| CVE-2026-9145 | 2 Crmperks, Wordpress | 2 Database For Contact Form 7, Wpforms, Elementor Forms, Wordpress | 2026-07-02 | 6.5 Medium |
| The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to Arbitrary File Copy via the create_entry_el() function in versions up to, and including, 1.5.1. The function reads raw_value from Elementor Pro's Form_Record object for upload-type fields and passes it directly to PHP's copy() without validating that the value corresponds to a legitimately uploaded file — when no file is present in $_FILES, raw_value reflects the attacker-controlled POST string. copy() accepts both local filesystem paths and URL sources, so the attacker can target any file readable by the PHP process or supply an attacker-controlled remote URL. Elementor Pro is a prerequisite for triggering the code path (it owns the elementor_pro/forms/new_record hook and populates the Form_Record object), but the bug itself is entirely in Contact Form Entries' handler. This could allow unauthenticated attackers to disclose arbitrary files on the affected site's server. The file is copied to a directory unknown to the attacker; the hashed directory name provides defense-in-depth but is generated from non-cryptographic sources (uniqid() + rand()) and should not be relied upon as the primary mitigation. | ||||
| CVE-2025-69133 | 2 Goodlayers, Wordpress | 2 Tour Master, Wordpress | 2026-07-02 | 7.5 High |
| Subscriber Local File Inclusion in Tourmaster <= 5.4.5 versions. | ||||
| CVE-2025-69156 | 2026-07-02 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Kids Zone - Children WordPress Theme <= 5.4 versions. | ||||
| CVE-2026-27414 | 2026-07-02 | 8.8 High | ||
| Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions. | ||||
| CVE-2026-27436 | 2026-07-02 | 9.1 Critical | ||
| Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions. | ||||
| CVE-2026-57344 | 2 Radiustheme, Wordpress | 2 Classified Listing, Wordpress | 2026-07-02 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.4.2 versions. | ||||
| CVE-2026-57351 | 2 Haktansuren, Wordpress | 2 Handl Utm Grabber, Wordpress | 2026-07-02 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in HandL UTM Grabber <= 2.9.2 versions. | ||||
| CVE-2026-57357 | 2026-07-02 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Search Atlas SEO <= 2.6.6 versions. | ||||
| CVE-2026-57366 | 2 Greg Winiarski, Wordpress | 2 Wpadverts, Wordpress | 2026-07-02 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in WPAdverts <= 2.3.1 versions. | ||||
| CVE-2026-57669 | 2026-07-02 | 6.5 Medium | ||
| Subscriber Broken Access Control in Advanced Contact form 7 DB <= 2.0.9 versions. | ||||
| CVE-2026-57675 | 2 Jacob N. Breetvelt, Wordpress | 2 Wp Photo Album Plus, Wordpress | 2026-07-02 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in WP Photo Album Plus <= 9.2.02.004 versions. | ||||
| CVE-2026-57683 | 2026-07-02 | 9.3 Critical | ||
| Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions. | ||||
| CVE-2026-57689 | 2026-07-02 | 4.3 Medium | ||
| Subscriber Broken Access Control in Werkstatt <= 4.7.2 versions. | ||||
| CVE-2026-57748 | 2026-07-02 | 7.5 High | ||
| Contributor Local File Inclusion in Shopify <= 1.0.0 versions. | ||||