CVE Security

The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.1.0 via the '...

Web


                                    CVE-2026-7522

Lire l'article

medium 5.4

27/05/2026

Vulnérabilité medium détectée - CVE-2026-9056

A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can stor...

Web


                                    CVE-2026-9056

Lire l'article

medium 6.4

27/05/2026

Vulnérabilité medium détectée - CVE-2026-2955

The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' header in ver...

Web


                                    CVE-2026-2955

Lire l'article

medium 6.1

27/05/2026

Vulnérabilité medium détectée - CVE-2026-5776

The Email Encoder WordPress plugin before 2.4.7 does not escape email addresses retrieved via user input, allowing unauthenticated attackers to perfo...

Web


                                    CVE-2026-5776

Lire l'article

medium 4.3

27/05/2026

Vulnérabilité medium détectée - CVE-2026-6566

The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions...

Web


                                    CVE-2026-6566

Lire l'article

high 7.5

27/05/2026

Vulnérabilité high détectée - CVE-2026-9003

E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL...

Web


                                    CVE-2026-9003

Lire l'article

high 7.5

27/05/2026

Vulnérabilité high détectée - CVE-2026-9010

The Boost plugin for WordPress is vulnerable to time-based SQL Injection via the 'current_url' and 'user_name' parameters in versions up to, and inclu...

Web


                                    CVE-2026-9010

Lire l'article

medium 4.3

27/05/2026

Vulnérabilité medium détectée - CVE-2026-5075

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to,...

Web


                                    CVE-2026-5075

Lire l'article

critical 9.8

27/05/2026

Vulnérabilité critical détectée - CVE-2026-7637

The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in...

Web


                                    CVE-2026-7637

Lire l'article

medium 6.1

26/05/2026

Vulnérabilité medium détectée - CVE-2026-8627

The Correct Prices plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $_SERVER['PHP_SELF'] variable in versions up to and in...

Web


                                    CVE-2026-8627

Lire l'article

medium 6.5

26/05/2026

Vulnérabilité medium détectée - CVE-2026-8685

The Infility Global plugin for WordPress is vulnerable to SQL Injection via the 'orderby' and 'order' parameters in all versions up to, and including,...

Web


                                    CVE-2026-8685

Lire l'article

medium 5.3

26/05/2026

Vulnérabilité medium détectée - CVE-2025-15369

The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability che...

Web


                                    CVE-2025-15369

Lire l'article

14 15 16 17 18