Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

21903
Total
1562
Critical
6654
High
7000
Medium
CVE ID Severity Score Description Published
CVE-2026-42657 MEDIUM 5.3 Unauthenticated Other Vulnerability Type in Contest Gallery <= 28.1.7 versions. Jun 15, 2026
CVE-2026-42656 MEDIUM 6.5 Subscriber Cross Site Scripting (XSS) in Contest Gallery <= 28.1.6 versions. Jun 15, 2026
CVE-2026-42655 MEDIUM 5.9 Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP <= 4.6.19 versions. Jun 15, 2026
CVE-2026-42651 MEDIUM 6.3 Subscriber Broken Access Control in Classified Listing <= 5.3.9 versions. Jun 15, 2026
CVE-2026-42650 HIGH 7.2 Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.6.7 versions. Jun 15, 2026
CVE-2026-42649 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in Favicon Rotator <= 1.2.11 versions. Jun 15, 2026
CVE-2026-42640 MEDIUM 6.5 Unauthenticated Broken Access Control in Classified Listing <= 5.3.8 versions. Jun 15, 2026
CVE-2026-42639 CRITICAL 9.3 Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions. Jun 15, 2026
CVE-2026-42411 HIGH 8.1 Unauthenticated Broken Authentication in CloudSecure WP Security <= 1.4.7 versions. Jun 15, 2026
CVE-2026-42386 CRITICAL 9.3 Unauthenticated SQL Injection in Order Delivery Date for WooCommerce <= 4.5.1 versions. Jun 15, 2026
CVE-2026-42384 HIGH 7.5 Unauthenticated Sensitive Data Exposure in Simply Schedule Appointments < 1.6.11.2 versions. Jun 15, 2026
CVE-2026-42381 CRITICAL 9.3 Unauthenticated SQL Injection in Funnel Builder by FunnelKit <= 3.15.0.1 versions. Jun 15, 2026
CVE-2026-42378 MEDIUM 6.5 Subscriber Broken Authentication in WP Full Stripe Free <= 8.4.1 versions. Jun 15, 2026
CVE-2026-41556 MEDIUM 6.5 Subscriber Cross Site Scripting (XSS) in ProfilePress <= 4.16.13 versions. Jun 15, 2026
CVE-2026-40799 MEDIUM 5.3 Unauthenticated Broken Authentication in Simple Cloudflare Turnstile <= 1.38.0 versions. Jun 15, 2026
CVE-2026-40798 CRITICAL 9.3 Unauthenticated SQL Injection in wpForo Forum <= 3.0.4 versions. Jun 15, 2026
CVE-2026-40796 MEDIUM 6.5 Subscriber Sensitive Data Exposure in WPPizza <= 3.19.9 versions. Jun 15, 2026
CVE-2026-40795 MEDIUM 6.5 Subscriber Broken Access Control in Amelia <= 2.2 versions. Jun 15, 2026
CVE-2026-40794 MEDIUM 6.5 Subscriber Broken Access Control in myCred <= 3.0.3 versions. Jun 15, 2026
CVE-2026-40793 MEDIUM 6.5 Subscriber Broken Access Control in Groundhogg < 4.4.1 versions. Jun 15, 2026
CVE-2026-40792 MEDIUM 6.3 Subscriber Insecure Direct Object References (IDOR) in KiviCare <= 4.2.1 versions. Jun 15, 2026
CVE-2026-40791 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in WP Time Slots Booking Form <= 1.2.46 versions. Jun 15, 2026
CVE-2026-40790 MEDIUM 6.5 Subscriber Sensitive Data Exposure in WP SMS <= 7.2.1 versions. Jun 15, 2026
CVE-2026-40789 HIGH 7.5 Unauthenticated Sensitive Data Exposure in Amelia <= 2.2 versions. Jun 15, 2026
CVE-2026-40788 HIGH 7.1 Subscriber Broken Access Control in ChatBot <= 7.9.7 versions. Jun 15, 2026