CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-11597
Medium

The Surbma | Infusionsoft Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.0.1. This is due to insufficient input sanitization and output escaping on the 'account' and 'id' shortcode attributes, which are concatenated directly into a <script> tag's src attribute. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts that execute whenever a user visits an injected page.

CVE-2026-11364
Medium

The Product Specifications for WooCommerce plugin for WordPress up to version 0.8.9 is vulnerable to unauthorized data modification, creation, and deletion. This is due to missing capability checks and nonce verification in the __invoke() methods of the AttributeGroupController and AttributeController classes, allowing authenticated attackers with Subscriber-level access or higher to manipulate product specification groups and attributes.

CVE-2026-9677
Medium

The Shariff for WordPress plugin through version 1.0.11 does not sanitize or escape the shariff_infourl setting before outputting it in the frontend HTML via the generateshariff() function. This allows high-privilege users such as administrators to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).

CVE-2026-13245
Medium

The MaxButtons plugin for WordPress up to version 9.8.5 is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter due to insufficient input sanitization and output escaping. Unauthenticated attackers can inject arbitrary web scripts.

CVE-2026-12404
Medium

The NEX-Forms plugin for WordPress up to version 9.2.2 contains an authorization bypass vulnerability. Unauthenticated attackers can enumerate sequential report IDs and download complete form submission data, including names, email addresses, phone numbers, postal addresses, payment details, and uploaded file paths.

CVE-2026-10820
High

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before version 4.16.17 does not verify that the user performing a subscription action owns the targeted subscription. This allows any authenticated user (Subscriber+) to cancel other users' active subscriptions via an Insecure Direct Object Reference (IDOR).

CVE-2026-12415
Critical

The Invoice Generator plugin for WordPress up to version 1.0.0 contains a privilege escalation vulnerability. Missing capability checks in the pravel_invoice_edit_account() AJAX action allow unauthenticated attackers to change the email address of any user, including administrators, and then use the password reset flow to take over the account.

CVE-2026-13422
Medium

The HD Quiz plugin for WordPress versions 2.2.0 to 2.2.1 is vulnerable to Cross-Site Request Forgery (CSRF) due to missing or incorrect nonce validation in the hdq_validate_nonce function. Unauthenticated attackers can exploit this to delete or modify quizzes and questions, create new quizzes, and change plugin settings by tricking a site administrator into performing an action like clicking a link.

CVE-2026-13335
Medium

The Post Map for Google Maps plugin for WordPress up to version 1.2.6 is vulnerable to Stored Cross-Site Scripting via the 'cpm_point' Post Meta due to insufficient input sanitization and output escaping.

CVE-2026-13333
Medium

The Groundhogg plugin for WordPress (versions up to 4.5.5) is vulnerable to generic SQL injection via the 'query[select]' parameter. Insufficient escaping and lack of prepared statements allow authenticated attackers with Sales Representative-level access or higher to append additional SQL queries, potentially extracting sensitive database information.

CVE-2026-13331
Medium

The Groundhogg plugin for WordPress (CRM, newsletters, and marketing automation) in versions up to and including 4.5.5 is vulnerable to generic SQL injection via the 'search' parameter. This is due to insufficient escaping of user-supplied input and lack of proper preparation of SQL queries.

CVE-2026-11356
Medium

The Ivory Search WordPress plugin up to version 5.5.15 is vulnerable to stored XSS via the 'menu_title' and 'menu_magnifier_color' settings due to insufficient input sanitization and output escaping.

CVE-2025-59868
Medium

A vulnerability in HCL Traveler for Microsoft Outlook (HTMO) allows unauthorized access to sensitive application data, which could be exploited by an attacker to launch further attacks and cause unexpected application behavior.

CVE-2023-37524
High

HCL Traveler for Microsoft Outlook (HTMO) is vulnerable due to the use of .NET Framework 4.5, which has reached end-of-life and no longer receives security updates. This may expose the application to publicly known security weaknesses through vulnerable third-party components.

CVE-2026-56414
High

A vulnerability in H.View IP cameras allows authenticated users to upload arbitrary files to fixed filesystem locations without validating file type, structure, or size. This can place unexpected or malformed data in trusted certificate storage areas, affecting system integrity even after reboot.

CVE-2026-55975
High

A vulnerability in H.View IP cameras allows an authenticated user to inject unsanitized XML data into the certificate generation interface. This data is incorporated into a backend certificate creation command without proper validation, potentially leading to code execution with elevated privileges.

CVE-2026-33560
High

The DMP-5000 file service exposes authenticated arbitrary file upload functionality without validation. No file extension filtering or content inspection is enforced, allowing executable binaries and scripts to be accepted and written directly to the server.

CVE-2026-31928
High

DMP-5000 devices are shipped with a default administrative web account that has weak authentication controls and is not required to be changed during initial setup or operation. Using these accounts provides full system access.

CVE-2026-28701
CriticalEPSS 53%

A vulnerability in Daktronics Controller Firmware allows remote users (both authenticated and unauthenticated) to escape the intended directory and enumerate arbitrary file system paths.

CVE-2026-55069
High

A vulnerability in the BasicAuth component of Kestra OSS before version 1.3.24 allows an attacker with read access to the PostgreSQL database to recover the administrator password offline due to SHA-512's high computation speed. In Kubernetes deployments, this enables privilege escalation to read the cluster ServiceAccount token and all K8s Secrets.

PreviousPage 128 of 4531Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS