9.8
CVE-2026-22337 - WordPress Directorist Social Login plugin < 2.1.4 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue affects Directorist Social Login: from n/a before 2.1.4.
5.3
CVE-2026-7115 - code-projects Employee Management System delete.php sql injection
A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might beโฆ
9.3
CVE-2026-22336 - WordPress Directorist Booking plugin < 3.0.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Directorist Booking allows SQL Injection.This issue affects Directorist Booking: from n/a before 3.0.2.
5.3
CVE-2026-7114 - code-projects Employee Management System edit.php sql injection
A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
6.3
CVE-2026-7113 - NousResearch hermes-agent Webhooks Endpoint webhook.py missing authentication
A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The manipulation of the argument _INSECURE_NO_AUTH results in missing authentication. The attack can be lauโฆ
