Filter and search through 392,438 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-24539 | Missing Authorization vulnerability in ABCdatos Protección de datos – RGPD proteccion-datos-rgpd allows Exploiting Incorrectly Configured Access... | 5.3 | 188 | Neutral | No |
| Yes |
| CVE-2026-24538 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in omnipressteam Omnipress omnip... | 7.6 | 397 | Neutral | No | Yes |
| CVE-2026-24536 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows R... | 7.5 | 386 | Neutral | No | Yes |
| CVE-2026-24535 | Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Inc... | 4.3 | 163 | Neutral | No | Yes |
| CVE-2026-24534 | Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows Exploiting Incorrectly Configured Access Control Security Lev... | 8.8 | 609 | Neutral | No | Yes |
| CVE-2026-24532 | Missing Authorization vulnerability in SiteLock SiteLock Security sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.Thi... | 8.8 | 609 | Neutral | No | Yes |
| CVE-2026-24531 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess... | 9.8 | 588 | Neutral | No | Yes |
| CVE-2026-24530 | Missing Authorization vulnerability in sheepfish WebP Conversion webp-conversion allows Exploiting Incorrectly Configured Access Control Security Leve... | 8.8 | 609 | Neutral | No | Yes |
| CVE-2026-24529 | Missing Authorization vulnerability in Alejandro Quick Restaurant Reservations quick-restaurant-reservations allows Exploiting Incorrectly Configured ... | 8.8 | 609 | Neutral | No | Yes |
| CVE-2026-24528 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixelgrade Nova Blocks nova-blocks allows DOM-Ba... | 6.5 | 311 | Neutral | No | Yes |
| CVE-2026-24526 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steve Truman Email Inquiry & Cart Options fo... | 6.5 | 311 | Neutral | No | Yes |
| CVE-2026-24525 | Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security... | 8.1 | 540 | Neutral | No | Yes |
| CVE-2026-24524 | Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue ... | 8.1 | 540 | Neutral | No | Yes |
| CVE-2026-24523 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcus (aka @msykes) WP FullCalendar wp-fullcalendar allow... | 7.5 | 386 | Neutral | No | Yes |
| CVE-2026-24522 | Missing Authorization vulnerability in MyThemeShop WP Subscribe wp-subscribe allows Exploiting Incorrectly Configured Access Control Security Levels.T... | 4.3 | 163 | Neutral | No | Yes |
| CVE-2026-24521 | Cross-Site Request Forgery (CSRF) vulnerability in Timur Kamaev Kama Thumbnail kama-thumbnail allows Cross Site Request Forgery.This issue affects Kam... | 4.3 | 163 | Neutral | No | Yes |
| CVE-2026-24515 | In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data. | 2.9 | 101 | Neutral | No | Yes |
| CVE-2026-24490 | ### Summary A Stored Cross-site Scripting (XSS) vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript ... | 8.1 | 573 | Neutral | No | Yes |
| CVE-2026-24489 | A vulnerability was discovered in Gakido that allowed HTTP Header Injection through CRLF (Carriage Return Line Feed) sequences in user-supplied header... | 5.3 | 199 | Neutral | No | Yes |
| CVE-2026-24486 | ### Summary A Path Traversal vulnerability exists when using non-default configuration options `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`. An attac... | 8.6 | 659 | Neutral | No | Yes |