Search
Search Results (358680 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69165 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Choreo <= 1.6 versions. | ||||
| CVE-2025-69167 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Eros <= 1.3 versions. | ||||
| CVE-2026-9570 | 2 Taskbuilder, Wordpress | 2 Taskbuilder, Wordpress | 2026-06-17 | 7.1 High |
| The Taskbuilder WordPress plugin before 5.0.8 does not properly sanitise a URL parameter before echoing it into inline JavaScript on a frontend page containing one of its shortcodes, leading to a Reflected Cross-Site Scripting vulnerability that can be triggered against any logged-in user. | ||||
| CVE-2025-69168 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Spike <= 1.2 versions. | ||||
| CVE-2025-69176 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in ITactics <= 1.0 versions. | ||||
| CVE-2025-69177 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions. | ||||
| CVE-2025-69178 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions. | ||||
| CVE-2026-12256 | 2026-06-17 | 8.8 High | ||
| Contributor PHP Object Injection in Avada <= 3.15.3 versions. | ||||
| CVE-2026-27395 | 2 Schiocco, Wordpress | 2 Support Board, Wordpress | 2026-06-17 | 9.8 Critical |
| Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions. | ||||
| CVE-2026-27429 | 2026-06-17 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions. | ||||
| CVE-2026-34893 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions. | ||||
| CVE-2026-34894 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions. | ||||
| CVE-2026-34895 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions. | ||||
| CVE-2026-39433 | 2026-06-17 | 6.5 Medium | ||
| Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions. | ||||
| CVE-2026-39438 | 2026-06-17 | 9.3 Critical | ||
| Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions. | ||||
| CVE-2026-39443 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions. | ||||
| CVE-2026-39446 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions. | ||||
| CVE-2026-39522 | 2026-06-17 | 8.1 High | ||
| Unauthenticated Local File Inclusion in Solene <= 3.4 versions. | ||||
| CVE-2026-39529 | 2026-06-17 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions. | ||||
| CVE-2026-39539 | 2026-06-17 | 8.1 High | ||
| Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions. | ||||