Skip to main content
CVE-2026-24399 CRITICAL POC PATCH Act Now

Stored XSS in ChatterMate AI chatbot framework versions 1.0.8 and below. The chatbot accepts and renders malicious HTML/JavaScript from user input. PoC and patch available.

XSS AI / ML Chattermate
NVD GitHub
CVSS 3.1
9.3
EPSS
0.0%
CVE-2026-24412 HIGH POC PATCH This Week

Heap buffer overflow in iccDEV versions 2.3.1.1 and below allows remote code execution through maliciously crafted ICC color profile data submitted to the CIccTagXmlSegmentedCurve::ToXml() function. Public exploit code exists for this vulnerability, enabling attackers to achieve denial of service, data manipulation, and arbitrary code execution with no authentication required. The vulnerability affects all users of the vulnerable iccDEV library versions and has been resolved in version 2.3.1.2.

Buffer Overflow Iccdev
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-24406 HIGH POC PATCH This Week

Heap buffer overflow in iccDEV versions 2.3.1.1 and below allows remote code execution when processing maliciously crafted ICC color profiles, with public exploit code currently available. An unauthenticated attacker can trigger the vulnerability through user-supplied input to the CIccTagNamedColor2::SetSize() function, enabling arbitrary code execution, denial of service, or data manipulation. The vulnerability has been patched in version 2.3.1.2.

Buffer Overflow Iccdev
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-24405 HIGH POC PATCH This Week

Heap buffer overflow in iccDEV versions 2.3.1.1 and earlier allows remote code execution through maliciously crafted ICC color profiles when user input is processed by CIccMpeCalculator::Read(). Public exploit code exists for this vulnerability, enabling attackers to execute arbitrary code, cause denial of service, or manipulate application data. The vulnerability is fixed in version 2.3.1.2.

Buffer Overflow Iccdev
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-24403 HIGH POC PATCH This Week

Integer overflow in iccDEV's ICC profile parsing (versions 2.3.1.1 and below) allows remote attackers to corrupt memory or trigger denial of service by crafting malicious profile headers with tampered tag tables or offset fields, with public exploit code available. The vulnerability can potentially enable arbitrary code execution or bypass security checks in applications using affected iccDEV libraries. Users should upgrade to version 2.3.1.2 or later to remediate this risk.

Integer Overflow Memory Corruption Iccdev
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-24411 HIGH POC PATCH This Week

iccDEV versions 2.3.1.1 and earlier contain unsafe handling of user-supplied input in the CIccTagXmlSegmentedCurve::ToXml() function, enabling remote attackers to trigger undefined behavior in ICC profile parsing. Public exploit code exists for this vulnerability, which can lead to denial of service, data manipulation, or arbitrary code execution. Upgrade to version 2.3.1.2 to remediate.

Denial Of Service RCE Code Injection Iccdev
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-24407 HIGH POC PATCH This Week

iccDEV versions 2.3.1.1 and earlier allow remote attackers to trigger undefined behavior in the icSigCalcOp() function through malicious ICC color profiles, enabling denial of service, data manipulation, or potential code execution. The vulnerability stems from unsafe handling of user-controllable input in binary profile data, and public exploit code exists. Affected organizations should upgrade to version 2.3.1.2 or later.

Denial Of Service RCE Code Injection Iccdev
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-24410 HIGH POC PATCH This Week

iccDEV versions 2.3.1.1 and below are vulnerable to null pointer dereference in CIccProfileXml::ParseBasic() when processing maliciously crafted ICC color profiles, allowing remote attackers to trigger denial of service or data manipulation without user interaction. Public exploit code exists for this vulnerability, which affects applications using the iccDEV libraries for color profile handling. The vulnerability has been patched in version 2.3.1.2.

Null Pointer Dereference Iccdev
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-24409 HIGH POC PATCH This Week

Null pointer dereference in iccDEV versions 2.3.1.1 and below allows remote attackers to trigger denial of service or data manipulation via maliciously crafted ICC color profile data, with public exploit code currently available. The vulnerability stems from unsafe handling of user-controllable input in the CIccTagXmlFloatNum<>::ParseXml() function and may enable code execution depending on application context. Upgrade to version 2.3.1.2 to remediate.

Null Pointer Dereference Iccdev
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-24404 HIGH POC PATCH This Week

iccDEV versions 2.3.1.1 and below contain a null pointer dereference in the CIccXmlArrayType() function that allows remote attackers to trigger denial of service, data manipulation, or potentially achieve code execution through crafted ICC profile data. The vulnerability stems from unsafe handling of user-controlled input in binary structured data and has public exploit code available. Upgrade to version 2.3.1.2 or later to remediate.

Null Pointer Dereference Iccdev
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-24420 MEDIUM POC PATCH This Month

Authenticated users in phpMyFAQ 4.0.16 and below can bypass permission checks to download FAQ attachments they should not have access to, due to improper validation of authorization tokens in attachment.php and flawed permission logic. An attacker with valid credentials but without the dlattachment permission can exploit this to retrieve sensitive attachment content. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP Phpmyfaq
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24421 MEDIUM POC PATCH This Month

phpMyFAQ versions 4.0.16 and below allow authenticated users to access the backup API endpoint without proper authorization checks, enabling them to download configuration files containing sensitive data. The vulnerability stems from incomplete authorization validation in SetupController.php, which only verifies authentication rather than admin permissions. Public exploit code exists for this issue, and no patch is currently available.

PHP Phpmyfaq
NVD GitHub Exploit-DB VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24128 MEDIUM POC PATCH This Month

Reflected XSS in XWiki Platform versions 7.0 through 17.7.0 enables attackers to craft malicious URLs that execute arbitrary actions with victim privileges, potentially leading to full installation compromise if the victim holds administrative or programming rights. The vulnerability requires user interaction to trigger and affects multiple version branches across the XWiki and XWiki Rendering products. Patches are available for affected versions, and a manual workaround exists that requires modification of a single line in the logging_macros.vm template without requiring a restart.

XSS Xwiki Xwiki Rendering
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-13374 CRITICAL Act Now

Arbitrary file upload in Kalrav AI Agent WordPress plugin due to missing file type validation in the kalrav_upload_file AJAX action.

WordPress RCE AI / ML PHP
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-22583 CRITICAL Act Now

Argument injection in Salesforce Marketing Cloud Engagement CloudPagesURL component. Second Salesforce Marketing Cloud CVE with same root cause.

Code Injection Marketing Cloud Engagement
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-22582 CRITICAL Act Now

Argument injection in Salesforce Marketing Cloud Engagement MicrositeURL component allows command execution. First of four critical Salesforce Marketing Cloud CVEs.

Code Injection Marketing Cloud Engagement
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-13952 CRITICAL Act Now

Write-after-free crash in GPU compiler process triggered by unusual GPU shader code loaded from the web. Browser vulnerability through WebGPU shader compilation.

Use After Free Denial Of Service Ddk
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-22586 CRITICAL Act Now

Hardcoded cryptographic key in Salesforce Marketing Cloud Engagement used across CloudPages, Forward to a Friend, Profile Center, and Subscription Center. Fourth critical Salesforce CVE.

Information Disclosure Marketing Cloud Engagement
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-22585 CRITICAL Act Now

Use of broken/risky cryptographic algorithm in Salesforce Marketing Cloud Engagement affecting CloudPages, Forward to a Friend, Profile Center, and Subscription Center components.

Information Disclosure Marketing Cloud Engagement
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-13920 MEDIUM POC This Month

WP Directory Kit (WordPress plugin) versions up to 1.4.9 is affected by information exposure (CVSS 5.3).

WordPress Information Disclosure PHP
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-24422 MEDIUM POC PATCH This Month

Insufficient access controls in phpMyFAQ 4.0.16 and below expose sensitive information including user email addresses and non-public content through multiple API endpoints, allowing unauthenticated attackers to harvest data for phishing or access private records. Public exploit code exists for this vulnerability, and no patch is currently available. Upgrading to version 4.0.17 or later is required to remediate the exposure.

Information Disclosure Phpmyfaq
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-0911 HIGH This Week

Arbitrary file uploads in the Hustle WordPress plugin (versions up to 7.8.9.2) allow authenticated low-privileged users with granted module permissions to bypass file type validation and upload malicious files, potentially enabling remote code execution. An attacker with Subscriber-level access or higher can exploit improper validation in the action_import_module() function if an administrator grants them Hustle module editing capabilities. No patch is currently available, leaving affected WordPress installations vulnerable until an update is released.

WordPress RCE
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-24136 HIGH PATCH This Week

Unauthenticated attackers can exploit an insecure direct object reference vulnerability in Saleor e-commerce platform versions 3.2.0-3.22.28 to retrieve sensitive customer information including personally identifiable data in plain text through the order() GraphQL query. This high-severity vulnerability (CVSS 7.5) affects orders across multiple version branches and has been patched in releases 3.20.110, 3.21.45, and 3.22.29. Organizations unable to patch immediately should implement WAF rules to restrict non-staff access to order queries.

Authentication Bypass Saleor
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-1257 HIGH This Week

The Administrative Shortcodes plugin for WordPress through version 0.3.4 allows authenticated contributors and above to execute arbitrary PHP code via insufficient path validation in the get_template shortcode's slug parameter. An attacker with contributor-level permissions can exploit this local file inclusion vulnerability to include malicious files, bypass access controls, and achieve remote code execution on the affected server. A patch is not currently available for this vulnerability.

WordPress PHP LFI
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24469 HIGH This Week

C++ HTTP Server versions 1.0 and below suffer from a path traversal vulnerability in the RequestHandler::handleRequest method that permits unauthenticated remote attackers to read arbitrary files from the server filesystem through malicious HTTP GET requests containing directory traversal sequences. The vulnerability stems from insufficient input validation on the URL path, which is directly concatenated to the base directory without sanitization. No patch is currently available.

Path Traversal
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-0800 HIGH This Week

Stored cross-site scripting in the User Submitted Posts WordPress plugin through version 20251210 allows unauthenticated attackers to inject malicious scripts via custom fields due to inadequate input sanitization. The injected scripts execute in the browsers of any user viewing affected pages, potentially compromising user sessions and data. No patch is currently available.

WordPress XSS
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-0807 HIGH This Week

Unauthenticated attackers can exploit a Server-Side Request Forgery vulnerability in the WordPress Frontis Blocks plugin (versions up to 1.1.6) through unvalidated URL parameters in the template proxy endpoints to perform arbitrary web requests from the affected server. This allows an attacker to scan internal networks, access local services, or exfiltrate sensitive data without authentication. No patch is currently available.

WordPress SSRF
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-24140 LOW POC PATCH Monitor

MyTube is a self-hosted downloader and player for several video websites. Versions 1.7.78 and below have a Mass Assignment vulnerability in the settings management functionality due to insufficient input validation. The application's saveSettings() function accepts arbitrary key-value pairs without validating property names against allowed settings. The function uses Record<string, any> as input type and iterates over all entries using Object.entries() without filtering unauthorized propertie...

Code Injection Mytube
NVD GitHub
CVSS 3.1
2.7
EPSS
0.1%
CVE-2026-24401 MEDIUM PATCH This Month

Avahi daemon versions 0.9rc2 and below can be remotely crashed through a denial of service attack by sending a specially crafted mDNS response with a recursive CNAME record pointing to itself, triggering unbounded recursion and stack exhaustion. This vulnerability affects systems using multicast record browsers, including those relying on nss-mdns for service discovery. A patch is available for affected installations.

Denial Of Service Avahi Red Hat Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24139 MEDIUM PATCH This Month

MyTube versions 1.7.78 and earlier allow authenticated users to bypass authorization controls and export the complete application database without proper permission validation. An attacker with guest-level access can retrieve sensitive data they are not authorized to access through the unprotected database export endpoint. A patch is available to address this authorization bypass vulnerability.

Authentication Bypass Information Disclosure Mytube
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1189 MEDIUM This Month

Stored XSS in WordPress LeadBI Plugin versions through 1.7 allows authenticated contributors and above to inject malicious scripts through the 'form_id' shortcode parameter due to missing input sanitization, enabling attackers to execute arbitrary code in pages viewed by other users. The vulnerability requires user authentication and currently lacks a vendor patch.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-1098 MEDIUM This Month

Stored cross-site scripting in CM CSS Columns plugin for WordPress through version 1.2.1 allows authenticated contributors and higher-privileged users to inject malicious scripts via improperly sanitized shortcode attributes. When other users view pages containing the injected content, the malicious scripts execute in their browsers, potentially compromising their accounts or stealing sensitive information. No patch is currently available.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-1099 MEDIUM This Month

Stored cross-site scripting in WordPress Administrative Shortcodes plugin through version 0.3.4 allows authenticated contributors and higher-privileged users to inject malicious scripts into pages via insufficiently sanitized shortcode attributes, executing arbitrary code when other users visit affected pages. The vulnerability requires user interaction and authenticated access but can impact site visitors through persistent payload injection. No patch is currently available.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-1097 MEDIUM This Month

Stored XSS in the ThemeRuby Multi Authors WordPress plugin through version 1.0.0 allows authenticated contributors and above to inject malicious scripts via unescaped shortcode attributes that execute in other users' browsers. The vulnerability stems from insufficient input sanitization on the 'before' and 'after' parameters, enabling attackers to compromise page content viewed by site visitors. No patch is currently available for this medium-severity vulnerability.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-14985 MEDIUM This Month

The Alpha Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alpha_block_css’ parameter in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-1095 MEDIUM This Month

Stored XSS in the Canto Testimonials WordPress plugin through the 'fx' shortcode attribute allows authenticated users with Contributor access or higher to inject malicious scripts that persist in pages and execute for all visitors. The vulnerability stems from inadequate input sanitization and output escaping in versions up to 1.0, requiring an authenticated attacker but no user interaction. No patch is currently available.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-14941 MEDIUM This Month

The GZSEO plugin for WordPress is vulnerable to authorization bypass leading to Stored Cross-Site Scripting in all versions up to, and including, 2.0.11. [CVSS 6.4 MEDIUM]

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-12836 MEDIUM This Month

VK Google Job Posting Manager (WordPress plugin) is affected by cross-site scripting (xss) (CVSS 6.4).

WordPress XSS Google
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13676 MEDIUM This Month

The JustClick registration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping on the `PHP_SELF` server variable. [CVSS 6.1 MEDIUM]

WordPress XSS PHP
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-1127 MEDIUM This Month

Reflected XSS in WordPress Timeline Event History plugin (versions up to 3.2) allows unauthenticated attackers to inject arbitrary JavaScript through the unvalidated `id` parameter. An attacker can craft a malicious link to execute scripts in a victim's browser if they click it, potentially leading to session hijacking or credential theft. No patch is currently available.

WordPress XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-0862 MEDIUM This Month

Save as PDF Plugin by PDFCrowd (WordPress plugin) is affected by cross-site scripting (xss) (CVSS 6.1).

WordPress XSS
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-14797 MEDIUM This Month

The Same Category Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget title placeholder functionality in all versions up to, and including, 1.1.19. [CVSS 5.4 MEDIUM]

WordPress XSS PHP
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-1103 MEDIUM This Month

AIKTP plugin for WordPress versions up to 5.0.04 allows authenticated subscribers to retrieve administrator access tokens through an insufficiently protected REST API endpoint, enabling attackers to create posts, upload files, and access private content with admin privileges. The vulnerability stems from missing authorization checks that only verify user login status rather than administrative capabilities. No patch is currently available.

WordPress
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-14629 MEDIUM This Month

The Alchemist Ajax Upload plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the 'delete_file' function in all versions up to, and including, 1.1. [CVSS 5.3 MEDIUM]

WordPress PHP
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-14843 MEDIUM This Month

Wizit Gateway for WooCommerce (WordPress plugin) versions up to 1.2.9. is affected by missing authorization (CVSS 5.3).

WordPress PHP
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-14609 MEDIUM This Month

Wise Analytics (WordPress plugin) versions up to 1.1.9. is affected by missing authorization (CVSS 5.3).

WordPress Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-0593 MEDIUM This Month

WP Go Maps plugin for WordPress through version 10.0.04 lacks proper capability validation in the processBackgroundAction() function, allowing authenticated Subscriber-level users to modify global map engine settings. This insufficient access control enables low-privileged attackers to alter critical plugin configurations without proper authorization. No patch is currently available for this vulnerability.

WordPress Golang
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-0806 MEDIUM This Month

SQL injection in the WP-ClanWars WordPress plugin through version 2.0.1 allows authenticated administrators to execute arbitrary SQL queries via an unescaped 'orderby' parameter, enabling extraction of sensitive database information. The vulnerability requires high-level administrative privileges and does not allow data modification or system availability impacts. No patch is currently available for this issue.

WordPress SQLi
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-1266 MEDIUM This Month

Stored XSS in WordPress Postalicious plugin through version 3.0.1 allows authenticated administrators to inject malicious scripts into admin settings that execute for all users viewing affected pages. The vulnerability requires high privileges and only impacts multi-site WordPress installations or those with unfiltered_html disabled. No patch is currently available.

WordPress XSS
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2026-1300 MEDIUM This Month

Stored XSS in the WordPress Responsive Header plugin through version 1.0 allows authenticated administrators to inject malicious scripts into plugin settings that execute for all users viewing affected pages. This impacts multi-site WordPress installations or those with unfiltered_html disabled, requiring high privilege access and manual user interaction to trigger exploitation. No patch is currently available.

WordPress XSS
NVD
CVSS 3.1
4.4
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy