CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
The NEX-Forms plugin for WordPress up to version 9.2.2 is vulnerable to Stored Cross-Site Scripting via the '_name[]' array parameter. Insufficient input sanitization and output escaping allow unauthenticated attackers to inject arbitrary scripts that execute when a user accesses the affected page.
The WP Photo Album Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'subtext' parameter in versions up to and including 9.1.13.005 due to insufficient input sanitization and output escaping. This allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts.
Missing Authorization vulnerability in Woffice allows exploiting incorrectly configured access control security levels. This issue affects Woffice versions before 5.4.33.
The MotoPress Appointment Booking plugin for WordPress is vulnerable to generic SQL injection via the 's' parameter in all versions up to and including 2.4.5 due to insufficient escaping and lack of query preparation. This allows authenticated attackers with custom-level access or higher to append additional SQL queries to existing ones.
The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'layoutstyle' parameter in all versions up to and including 1.8.12 due to insufficient input sanitization and output escaping.
The vulnerability in CGI::Session::ID::md5 for Perl before version 4.49 generates predictable session IDs from low-entropy sources. The generate_id method builds the session ID from an MD5 digest of the process ID, epoch time, and the built-in rand() function, all of which are predictable.
An OS command injection vulnerability exists in SkyBridge MB-A100/MB-A110 devices. The issue is caused by improper neutralization of special elements used in OS commands.
The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'no_data_msg' shortcode attribute in all versions up to and including 3.3.60 due to insufficient input sanitization and output escaping. This allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts that execute when a user visits an injected page.
The LearnPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class_wrapper_form' shortcode attribute in versions up to and including 4.4.0. Authenticated attackers with contributor-level access or higher can inject arbitrary scripts that execute when users visit the affected page.
The DVP80ES3 device contains a vulnerability due to an improperly implemented security check for the standard. This could allow an attacker to bypass security mechanisms.
The DVP80ES3 device has a vulnerability due to improper enforcement of message integrity during transmission in a communication channel. This allows an attacker to modify transmitted data without detection.
The vulnerability in DVP80ES3 involves improper resource shutdown or release, which can lead to memory leaks or other performance issues.
The Motors – Car Dealership & Classified Listings plugin for WordPress up to version 1.4.111 is vulnerable to authorization bypass. An authenticated attacker with subscriber-level access can mark or unmark any other user's car listing as sold by replaying a valid nonce from their own listing.
The Slim SEO plugin for WordPress up to version 4.9.8 contains a vulnerability allowing unauthorized disclosure of private content. The issue is in the REST API endpoint `/wp-json/slim-seo/meta-tags/ai`, which does not properly verify user permissions to read a specific post, enabling authenticated attackers with Contributor-level access or higher to retrieve summaries of any post's content, including private, draft, pending, future, and password-protected posts.
The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via the update_capabilities REST Endpoint in all versions up to and including 5.0.4. The lack of allowlist validation allows authenticated attackers with Vendor-level access or higher, when the Vendor Staff module is enabled, to grant arbitrary WordPress capabilities, including administrator, to vendor_staff accounts, leading to full site takeover.
The RegistrationMagic – User Registration Forms Plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to and including 6.0.9.1. Missing nonce validation in the process_request function allows unauthenticated attackers to escalate privileges of an arbitrary form submitter to administrator by creating a malicious Chronos automation task executed via WordPress cron, provided they trick a site administrator into clicking a link.
The SMS Alert plugin for WordPress up to version 3.9.5 allows unauthenticated attackers to take over administrator accounts by changing the email address and resetting the password. This vulnerability is exploitable only when OTP verification for password resets is enabled and the administrator has a phone number set.
Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects unsupported versions 9.0.20.x and potentially earlier unsupported versions.
A vulnerability in Control-M/Server communication allows an unauthenticated attacker to execute unauthorized commands due to insufficient input filtering. The issue affects versions 9.0.20.x through 9.0.21.200 and potentially earlier unsupported versions.
A vulnerability in the messaging consumer functionality of unsupported Control-M/Server and Control-M/Enterprise Manager versions 9.0.20.x and earlier allows deserialization of user-controlled data without sufficient restriction of allowed object types. This may allow an authenticated attacker to trigger unintended server-side behavior through crafted serialized content.

