0.0
CVE-2026-26087 -
Not used
0.0
CVE-2026-26092 -
Not used
0.0
CVE-2026-26086 -
Not used
0.0
CVE-2026-26089 -
Not used
0.0
CVE-2026-26085 -
Not used
5.3
CVE-2026-2295 - WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post…
The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajax_post_grid_load_more' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attack…
6.9
CVE-2025-13651 - LEAK OF SENSITIVE INFORMATION ON MICROCOM'S ZEUSWEB
Exposure of Sensitive System Information to an Unauthorized Actor vulnerability in Microcom ZeusWeb allows Web Application Fingerprinting of sensitive data. This issue affects ZeusWeb: 6.1.31.
5.1
CVE-2025-13650 - REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB
An attacker with access to the web application ZeusWeb of the provider Microcom (in this case, registration is not necessary, but the action must be performed) who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Creat…
5.1
CVE-2025-13649 - REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB
An attacker with access to the web application ZeusWeb of the provider Microcom (in this case, registration is not necessary, but the action must be performed) who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the ‘…
4.8
CVE-2025-13648 - STORED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB
An attacker with access to the web application ZeusWeb of the provider Microcom (in this case, registration is required) who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Name’ and “Surname” parameters within the ‘My Account’ section at the…