CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-12142
High

The NEX-Forms plugin for WordPress up to version 9.2.2 is vulnerable to Stored Cross-Site Scripting via the '_name[]' array parameter. Insufficient input sanitization and output escaping allow unauthenticated attackers to inject arbitrary scripts that execute when a user accesses the affected page.

CVE-2026-10095
Medium

The WP Photo Album Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'subtext' parameter in versions up to and including 9.1.13.005 due to insufficient input sanitization and output escaping. This allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts.

CVE-2026-27435
Medium

Missing Authorization vulnerability in Woffice allows exploiting incorrectly configured access control security levels. This issue affects Woffice versions before 5.4.33.

CVE-2026-13454
Medium

The MotoPress Appointment Booking plugin for WordPress is vulnerable to generic SQL injection via the 's' parameter in all versions up to and including 2.4.5 due to insufficient escaping and lack of query preparation. This allows authenticated attackers with custom-level access or higher to append additional SQL queries to existing ones.

CVE-2026-12754
Medium

The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'layoutstyle' parameter in all versions up to and including 1.8.12 due to insufficient input sanitization and output escaping.

CVE-2026-56016
Medium

The vulnerability in CGI::Session::ID::md5 for Perl before version 4.49 generates predictable session IDs from low-entropy sources. The generate_id method builds the session ID from an MD5 digest of the process ID, epoch time, and the built-in rand() function, all of which are predictable.

CVE-2026-50043
HighEPSS 62%

An OS command injection vulnerability exists in SkyBridge MB-A100/MB-A110 devices. The issue is caused by improper neutralization of special elements used in OS commands.

CVE-2026-13733
Medium

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'no_data_msg' shortcode attribute in all versions up to and including 3.3.60 due to insufficient input sanitization and output escaping. This allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts that execute when a user visits an injected page.

CVE-2026-12732
Medium

The LearnPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class_wrapper_form' shortcode attribute in versions up to and including 4.4.0. Authenticated attackers with contributor-level access or higher can inject arbitrary scripts that execute when users visit the affected page.

CVE-2026-12577
High

The DVP80ES3 device contains a vulnerability due to an improperly implemented security check for the standard. This could allow an attacker to bypass security mechanisms.

CVE-2026-12576
High

The DVP80ES3 device has a vulnerability due to improper enforcement of message integrity during transmission in a communication channel. This allows an attacker to modify transmitted data without detection.

CVE-2026-12575
High

The vulnerability in DVP80ES3 involves improper resource shutdown or release, which can lead to memory leaks or other performance issues.

CVE-2026-12435
Medium

The Motors – Car Dealership & Classified Listings plugin for WordPress up to version 1.4.111 is vulnerable to authorization bypass. An authenticated attacker with subscriber-level access can mark or unmark any other user's car listing as sold by replaying a valid nonce from their own listing.

CVE-2026-12408
Medium

The Slim SEO plugin for WordPress up to version 4.9.8 contains a vulnerability allowing unauthorized disclosure of private content. The issue is in the REST API endpoint `/wp-json/slim-seo/meta-tags/ai`, which does not properly verify user permissions to read a specific post, enabling authenticated attackers with Contributor-level access or higher to retrieve summaries of any post's content, including private, draft, pending, future, and password-protected posts.

CVE-2026-12224
High

The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via the update_capabilities REST Endpoint in all versions up to and including 5.0.4. The lack of allowlist validation allows authenticated attackers with Vendor-level access or higher, when the Vendor Staff module is enabled, to grant arbitrary WordPress capabilities, including administrator, to vendor_staff accounts, leading to full site takeover.

CVE-2026-12158
High

The RegistrationMagic – User Registration Forms Plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to and including 6.0.9.1. Missing nonce validation in the process_request function allows unauthenticated attackers to escalate privileges of an arbitrary form submitter to administrator by creating a malicious Chronos automation task executed via WordPress cron, provided they trick a site administrator into clicking a link.

CVE-2026-11387
Critical

The SMS Alert plugin for WordPress up to version 3.9.5 allows unauthenticated attackers to take over administrator accounts by changing the email address and resetting the password. This vulnerability is exploitable only when OTP verification for password resets is enabled and the administrator has a phone number set.

CVE-2026-10540
Medium

Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects unsupported versions 9.0.20.x and potentially earlier unsupported versions.

CVE-2026-10539
Critical

A vulnerability in Control-M/Server communication allows an unauthenticated attacker to execute unauthorized commands due to insufficient input filtering. The issue affects versions 9.0.20.x through 9.0.21.200 and potentially earlier unsupported versions.

CVE-2026-10538
High

A vulnerability in the messaging consumer functionality of unsupported Control-M/Server and Control-M/Enterprise Manager versions 9.0.20.x and earlier allows deserialization of user-controlled data without sufficient restriction of allowed object types. This may allow an authenticated attacker to trigger unintended server-side behavior through crafted serialized content.

PreviousPage 74 of 4537Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS