CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-45259
Medium

A vulnerability in the sigqueue(2) implementation in FreeBSD allows a process in capability mode to send signals to any process, bypassing Capsicum sandbox restrictions. The missing check for the target PID being the calling process's own enables an attacker to interfere with other processes.

CVE-2026-45258
High

An integer overflow vulnerability was found in the dsp_mmap_single() function during validation of memory mapping requests. A large offset and length can cause the sum to wrap around, bypassing the check and allowing mapping beyond the audio buffer into unrelated kernel memory.

CVE-2026-9242
Medium

The RegistrationMagic plugin for WordPress up to version 6.0.8.6 contains an authentication bypass vulnerability due to insufficient data authenticity verification in the PayPal IPN handler. The handler is accessible to unauthenticated users and updates the database before IPN validation, allowing an attacker to forge an IPN request, overwrite the user ID in a payment log, and then obtain authentication cookies for any user, including administrators.

CVE-2026-9233
Medium

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action, allowing authenticated attackers with contributor-level access and above to create, modify, and delete quiz output templates in the mlw_quiz_output_templates database table, including storing unsanitized HTML content such as arbitrary script tags.

CVE-2026-3462
Medium

The Frisbii Pay plugin for WordPress is vulnerable to unauthorized data modification due to missing capability checks in the 'upload_csv' and 'process_batch' functions in all versions up to and including 1.8.9. This allows authenticated attackers with Subscriber-level access and above to upload arbitrary CSV data and overwrite WooCommerce payment tokens, postmeta, and order meta records.

CVE-2026-13295
Medium

The Page Builder by SiteOrigin plugin for WordPress up to version 2.34.3 contains a stored XSS vulnerability via the panels_data parameter. Insufficient input sanitization and output escaping allow authenticated attackers with Contributor-level access or higher to inject arbitrary scripts that execute when users access the compromised page.

CVE-2026-12471
Medium

The Spexo theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the activate_plugin function. This allows authenticated attackers with Subscriber-level access or above to activate a limited set of plugins.

CVE-2026-12432
Medium

The WP Full Stripe Free plugin for WordPress up to version 8.4.3 lacks authorization in the wpfs_update_failed_payment_status AJAX action. Unauthenticated attackers with a valid Stripe Payment Intent ID can manipulate payment records in the database, marking successful payments as failed and overwriting error codes.

CVE-2026-12399
Medium

The Gutenverse plugin for WordPress is vulnerable to stored XSS via admin settings in all versions up to 3.8.0 due to insufficient input sanitization and output escaping.

CVE-2026-11987
Medium

The Dokan plugin for WordPress up to version 5.0.4 is vulnerable to Insecure Direct Object Reference (IDOR) via the 'id' parameter. Authenticated attackers with subscriber-level access can read other vendors' products, including unpublished drafts and pending listings.

CVE-2026-11783
Medium

The Dokan plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Product SKU field in all versions up to and including 5.0.4 due to insufficient input sanitization and output escaping. This allows authenticated attackers with custom-level access or higher to inject arbitrary web scripts that execute when users access affected pages.

CVE-2026-11773
Medium

The Masteriyo LMS plugin for WordPress up to version 2.2.1 contains an authorization bypass vulnerability. Authenticated attackers with student-level access or higher can modify the content of course announcements created by instructors or administrators.

CVE-2026-11597
Medium

The Surbma | Infusionsoft Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.0.1. This is due to insufficient input sanitization and output escaping on the 'account' and 'id' shortcode attributes, which are concatenated directly into a <script> tag's src attribute. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts that execute whenever a user visits an injected page.

CVE-2026-11364
Medium

The Product Specifications for WooCommerce plugin for WordPress up to version 0.8.9 is vulnerable to unauthorized data modification, creation, and deletion. This is due to missing capability checks and nonce verification in the __invoke() methods of the AttributeGroupController and AttributeController classes, allowing authenticated attackers with Subscriber-level access or higher to manipulate product specification groups and attributes.

CVE-2026-9677
Medium

The Shariff for WordPress plugin through version 1.0.11 does not sanitize or escape the shariff_infourl setting before outputting it in the frontend HTML via the generateshariff() function. This allows high-privilege users such as administrators to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).

CVE-2026-13245
Medium

The MaxButtons plugin for WordPress up to version 9.8.5 is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter due to insufficient input sanitization and output escaping. Unauthenticated attackers can inject arbitrary web scripts.

CVE-2026-12404
Medium

The NEX-Forms plugin for WordPress up to version 9.2.2 contains an authorization bypass vulnerability. Unauthenticated attackers can enumerate sequential report IDs and download complete form submission data, including names, email addresses, phone numbers, postal addresses, payment details, and uploaded file paths.

CVE-2026-10820
High

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before version 4.16.17 does not verify that the user performing a subscription action owns the targeted subscription. This allows any authenticated user (Subscriber+) to cancel other users' active subscriptions via an Insecure Direct Object Reference (IDOR).

CVE-2026-12415
Critical

The Invoice Generator plugin for WordPress up to version 1.0.0 contains a privilege escalation vulnerability. Missing capability checks in the pravel_invoice_edit_account() AJAX action allow unauthenticated attackers to change the email address of any user, including administrators, and then use the password reset flow to take over the account.

CVE-2026-13422
Medium

The HD Quiz plugin for WordPress versions 2.2.0 to 2.2.1 is vulnerable to Cross-Site Request Forgery (CSRF) due to missing or incorrect nonce validation in the hdq_validate_nonce function. Unauthenticated attackers can exploit this to delete or modify quizzes and questions, create new quizzes, and change plugin settings by tricking a site administrator into performing an action like clicking a link.

PreviousPage 122 of 4529Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS