9.9

CVSS3.1

CVE-2026-25366 - WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code ('Code Injection') vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through <= 2.7.1.

πŸ“… Published: March 25, 2026, 4:14 p.m. πŸ”„ Last Modified: March 26, 2026, 11:38 a.m.

6.5

CVSS3.1

CVE-2026-25365 - WordPress Kargo Takip plugin < 0.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Γ–zgΓΌr KARALAR Kargo Takip kargo-takip-turkiye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kargo Takip: from n/a through < 0.2.4.

πŸ“… Published: March 25, 2026, 4:14 p.m. πŸ”„ Last Modified: March 27, 2026, 9:45 a.m.

7.1

CVSS3.1

CVE-2026-25361 - WordPress WpEvently plugin <= 5.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magepeopleteam WpEvently mage-eventpress allows Reflected XSS.This issue affects WpEvently: from n/a through <= 5.1.4.

πŸ“… Published: March 25, 2026, 4:14 p.m. πŸ”„ Last Modified: March 26, 2026, 11:38 a.m.

8.8

CVSS3.1

CVE-2026-25360 - WordPress Vex theme < 1.2.9 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in rascals Vex vex allows Object Injection.This issue affects Vex: from n/a through < 1.2.9.

πŸ“… Published: March 25, 2026, 4:14 p.m. πŸ”„ Last Modified: March 27, 2026, 9:45 a.m.

8.8

CVSS3.1

CVE-2026-25359 - WordPress Pendulum theme < 3.1.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in rascals Pendulum pendulum allows Object Injection.This issue affects Pendulum: from n/a through < 3.1.5.

πŸ“… Published: March 25, 2026, 4:14 p.m. πŸ”„ Last Modified: March 27, 2026, 9:45 a.m.

8.8

CVSS3.1

CVE-2026-25358 - WordPress Meloo theme < 2.8.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in rascals Meloo meloo allows Object Injection.This issue affects Meloo: from n/a through < 2.8.2.

πŸ“… Published: March 25, 2026, 4:14 p.m. πŸ”„ Last Modified: March 27, 2026, 9:45 a.m.

8.1

CVSS3.1

CVE-2026-25357 - WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through <= 13.7.

πŸ“… Published: March 25, 2026, 4:14 p.m. πŸ”„ Last Modified: March 27, 2026, 9:45 a.m.

7.1

CVSS3.1

CVE-2026-25356 - WordPress Yobazar theme < 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Yobazar yobazar allows Reflected XSS.This issue affects Yobazar: from n/a through < 1.6.7.

πŸ“… Published: March 25, 2026, 4:14 p.m. πŸ”„ Last Modified: March 26, 2026, 11:38 a.m.

6.5

CVSS3.1

CVE-2026-25355 - WordPress Sanzo theme < 2.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Sanzo sanzo allows Stored XSS.This issue affects Sanzo: from n/a through < 2.4.3.

πŸ“… Published: March 25, 2026, 4:14 p.m. πŸ”„ Last Modified: March 26, 2026, 11:38 a.m.

7.1

CVSS3.1

CVE-2026-25354 - WordPress Reebox theme < 1.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Reebox reebox allows Reflected XSS.This issue affects Reebox: from n/a through < 1.4.8.

πŸ“… Published: March 25, 2026, 4:14 p.m. πŸ”„ Last Modified: March 26, 2026, 11:38 a.m.
Total resulsts: 341039
Page 83 of 34,104
Β« previous page Β» next page
Filters