A Reflected Cross-Site Scripting (XSS) vulnerability exists in the skygroup Miti theme for WordPress, allowing attackers to inject malicious scripts into web pages viewed by users. This vulnerability affects Miti versions prior to 1.5.3, and an attacker can craft malicious URLs to execute arbitrary JavaScript in the context of a victim's browser session, potentially stealing credentials, session tokens, or performing actions on behalf of the user. No CVSS score, EPSS metric, or KEV status information is currently available, but the vulnerability has been documented by Patchstack with a patch available in version 1.5.3.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the skygroup Loobek theme (CWE-79: Improper Neutralization of Input During Web Page Generation) that allows attackers to inject malicious scripts into web pages viewed by users. The vulnerability affects Loobek versions prior to 1.5.2, as documented by Patchstack and tracked under ENISA EUVD ID EUVD-2026-15664. An attacker can craft a malicious URL containing unescaped input that, when clicked by a victim, executes arbitrary JavaScript in the victim's browser context, potentially leading to session hijacking, credential theft, or malware distribution.
A Stored Cross-Site Scripting (XSS) vulnerability exists in the Acato WP REST Cache WordPress plugin through version 2026.1.0, allowing attackers to inject and persist malicious JavaScript code that executes in the browsers of site administrators and users. This vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation) and affects all installations of WP REST Cache up to and including version 2026.1.0. An attacker with appropriate access could inject stored XSS payloads that compromise administrator sessions, steal credentials, or modify site content.
A Cross-Site Scripting (XSS) vulnerability exists in AYS Pro FAQ Builder plugin versions up to and including 1.8.2, allowing attackers to inject malicious scripts through improperly neutralized input during web page generation. The vulnerability stems from incorrectly configured access control security levels, enabling unauthenticated or low-privileged attackers to execute arbitrary JavaScript in the context of affected WordPress sites. While CVSS and EPSS scores are not publicly available, the vulnerability was reported by Patchstack and assigned ENISA EUVD ID EUVD-2026-15661, indicating formal recognition across European vulnerability databases.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the kutethemes Boutique WordPress theme versions prior to 2.4.6, allowing attackers to inject malicious scripts into web pages viewed by other users. An attacker can craft a malicious URL containing unsanitized input that, when clicked by a victim, executes arbitrary JavaScript in the victim's browser within the context of the affected website. This vulnerability enables session hijacking, credential theft, malware distribution, and defacement of affected e-commerce sites running vulnerable versions of the Boutique theme.
RSFirewall!, a security plugin for Joomla, contains a Stored Cross-Site Scripting (XSS) vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. The vulnerability affects RSFirewall! versions up to and including 1.1.45, enabling authenticated or unauthenticated attackers (depending on configuration) to store persistent XSS payloads that execute in the browsers of administrators and site visitors. No CVSS score, EPSS data, or KEV status is currently available, but the Patchstack report indicates active awareness of this vulnerability in the security community.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the 8theme XStore Core WordPress plugin (et-core-plugin) that allows attackers to inject malicious scripts into web pages viewed by victims. The vulnerability affects XStore Core versions up to and including 5.6.4, enabling reflected XSS attacks where unsanitized user input is echoed back in HTTP responses without proper neutralization. An attacker can craft malicious URLs containing JavaScript payloads that execute in a victim's browser when clicked, potentially stealing session tokens, credentials, or performing actions on behalf of the user.
A reflected Cross-site Scripting (XSS) vulnerability exists in the Skygroup Jaroti WordPress theme through version 1.4.7, allowing attackers to inject malicious scripts into web pages viewed by users. The vulnerability stems from improper neutralization of user input during web page generation (CWE-79), enabling attackers to execute arbitrary JavaScript in the context of victim browsers. Affected users should upgrade to Jaroti version 1.4.8 or later to remediate the vulnerability; no CVSS score or EPSS data is currently available, and no KEV or POC confirmation has been documented in accessible threat intelligence sources.
A reflected cross-site scripting (XSS) vulnerability exists in the uixthemes Motta Addons WordPress plugin through version 1.6.0, allowing attackers to inject malicious JavaScript into web pages viewed by other users. The vulnerability affects all versions of Motta Addons prior to 1.6.1 and is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation). While no CVSS score, EPSS score, or KEV status is currently available, this is a confirmed vulnerability reported by Patchstack with a clear patch version available, making it a practical security concern for WordPress site administrators using affected versions.
VikRestaurants plugin versions up to and including 1.5.2 contain a Reflected Cross-Site Scripting (XSS) vulnerability that allows attackers to inject malicious JavaScript code into web pages viewed by users. The vulnerability affects the e4jvikwp VikRestaurants product, a restaurant management and booking plugin primarily used in WordPress environments. An attacker can craft a malicious URL containing JavaScript payload and trick users into clicking it, resulting in credential theft, session hijacking, or defacement of the restaurant website.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the stmcan NaturaLife Extensions WordPress plugin through version 2.1, allowing attackers to inject malicious scripts that execute in users' browsers when they visit crafted URLs. The vulnerability stems from improper input neutralization during web page generation (CWE-79), enabling attackers to steal session cookies, perform actions on behalf of users, or redirect users to malicious sites. No CVSS score, EPSS data, or KEV status have been published for this CVE, but the Patchstack report indicates active awareness in the security community.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the WHMCSdes Phox Hosting plugin (versions up to and including 2.0.8) that allows attackers to inject malicious scripts into web pages viewed by other users. The vulnerability stems from improper neutralization of user input during web page generation (CWE-79), enabling attackers to execute arbitrary JavaScript in the context of a victim's browser session. While no CVSS score, EPSS probability, or active KEV status was provided in available intelligence, the reflected XSS classification indicates moderate-to-high real-world risk depending on deployment context and user interaction requirements.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in UpSolution Core plugin versions through 8.41, allowing attackers to inject malicious scripts into web pages viewed by other users. The vulnerability affects the UpSolution Core WordPress plugin (CPE: cpe:2.3:a:upsolution:upsolution_core), enabling attackers to steal session tokens, perform actions on behalf of users, or redirect users to malicious sites through crafted URLs. No CVSS score, EPSS probability, or KEV status is currently available, though Patchstack has confirmed and documented this as a reflected XSS vulnerability.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in NooTheme Visionary Core WordPress plugin through version 1.4.9, allowing attackers to inject malicious scripts that execute in users' browsers when they visit crafted URLs. This vulnerability, classified as CWE-79 (Improper Neutralization of Input During Web Page Generation), affects all installations of the plugin up to and including version 1.4.9. An attacker can craft a malicious link to steal session cookies, perform unauthorized actions on behalf of logged-in users, or redirect users to phishing sites, with the attack vector being network-based and requiring no authentication.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in NooTheme Jobica Core plugin through version 1.4.1, allowing attackers to inject malicious scripts into web pages viewed by users. This vulnerability affects the WordPress plugin ecosystem and could enable attackers to steal session cookies, redirect users to phishing sites, or perform actions on behalf of authenticated users. No CVSS score or EPSS data is currently available, and the vulnerability has not been formally added to the CISA Known Exploited Vulnerabilities (KEV) catalog, though active exploitation potential exists given the Reflected XSS attack vector's simplicity.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in NooTheme's Organici Library plugin for WordPress, affecting versions up to and including 2.1.2. The vulnerability allows unauthenticated attackers to inject malicious scripts into web pages viewed by other users through crafted URLs or form inputs, potentially stealing session cookies, credentials, or performing actions on behalf of victims. While no CVSS score or EPSS data is publicly available, the reflected XSS classification (CWE-79) combined with the lack of apparent access restrictions suggests moderate to high real-world risk, particularly in WordPress environments where plugin vulnerabilities are frequently exploited.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in NooTheme CitiLights WordPress theme versions up to and including 3.7.1, allowing attackers to inject malicious scripts into web pages viewed by other users. The vulnerability stems from improper neutralization of user input during web page generation (CWE-79), enabling attackers to execute arbitrary JavaScript in victims' browsers. An attacker can craft malicious URLs containing JavaScript payloads and trick users into clicking them, potentially leading to session hijacking, credential theft, or malware distribution.
A reflected Cross-Site Scripting (XSS) vulnerability exists in ThemeMakers Car Dealer WordPress theme affecting versions up to and including 1.6.7. The vulnerability allows attackers to inject malicious scripts that execute in the browsers of users who click specially crafted links, potentially leading to session hijacking, credential theft, or malware distribution. No CVSS score, EPSS data, or KEV status is currently available, and the vulnerability has not been reported as actively exploited in public threat intelligence.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in Softwebmedia Gyan Elements WordPress plugin through version 2.2.1, allowing attackers to inject malicious scripts that execute in users' browsers when they visit crafted URLs. This vulnerability affects all versions up to and including 2.2.1, enabling attackers to steal session tokens, perform unauthorized actions, or harvest sensitive user data. While no CVSS score or EPSS data is currently published, the nature of reflected XSS combined with WordPress plugin distribution suggests moderate-to-high real-world exploitation potential, particularly if users remain on vulnerable versions.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the uxper Golo theme that allows attackers to inject malicious scripts into web pages viewed by users. The vulnerability affects Golo versions prior to 1.7.5 and can be exploited by crafting malicious URLs that execute arbitrary JavaScript in the context of a victim's browser. An attacker can steal session cookies, perform actions on behalf of the user, or redirect users to malicious sites without requiring authentication or special privileges.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the WP Telegram Widget and Join Link WordPress plugin (versions up to 2.2.13) that allows attackers to inject malicious JavaScript code into web pages viewed by other users. The vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation) and affects all installations of this plugin running the vulnerable versions. An attacker can craft a malicious URL containing JavaScript payloads that, when clicked by a victim, executes arbitrary code in the victim's browser within the context of the WordPress site, potentially leading to session hijacking, credential theft, or malware distribution. No CVSS score, EPSS data, or KEV status has been published, but Patchstack has documented this vulnerability with a public reference.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the themepassion Legacy Admin WordPress plugin affecting versions up to and including 9.5, which allows attackers to inject malicious scripts into web pages viewed by other users. The vulnerability stems from improper input neutralization during web page generation (CWE-79), enabling arbitrary JavaScript execution in victims' browsers. An attacker can craft a malicious URL containing unfiltered input and trick users into clicking it, potentially leading to session hijacking, credential theft, or malware distribution.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the Ultra WordPress Admin plugin (themepassion) through version 11.7, allowing attackers to inject malicious scripts into web pages viewed by administrators and users. The vulnerability stems from improper neutralization of user input during web page generation, classified under CWE-79. An attacker can craft a malicious URL containing JavaScript payloads that execute in the context of an authenticated user's browser session, potentially leading to session hijacking, credential theft, or unauthorized administrative actions without requiring authentication themselves.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the G5Theme Handmade Framework WordPress plugin through version 3.9, allowing attackers to inject malicious scripts into web pages viewed by other users. The vulnerability stems from improper neutralization of user input during web page generation, classified under CWE-79. Attackers can craft malicious URLs containing JavaScript payloads that execute in victims' browsers when clicked, potentially leading to session hijacking, credential theft, or malware distribution.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the WordPress plugin 'My auctions allegro' (free edition) through version 3.6.35, allowing attackers to inject malicious scripts into web pages viewed by victims. An unauthenticated attacker can craft a malicious URL containing JavaScript code that executes in the victim's browser when clicked, potentially stealing session cookies, redirecting users, or performing actions on behalf of the user. No CVSS score, EPSS score, or KEV status has been assigned, and patch availability status is unclear, though the vulnerability was identified and reported by Patchstack security researchers.
G5Theme Zorka WordPress theme versions up to and including 1.5.7 contain a Reflected Cross-Site Scripting (XSS) vulnerability that fails to properly neutralize user input during web page generation. An attacker can craft a malicious URL containing JavaScript payload and trick users into clicking it, allowing the attacker to execute arbitrary JavaScript in the victim's browser session, potentially stealing session cookies, credentials, or performing actions on behalf of the user. No CVSS score, EPSS probability, or KEV status has been assigned, but the vulnerability is confirmed by Patchstack with a clear attack vector.
An information disclosure vulnerability exists in n8n workflow automation software when Task Runners are enabled, allowing authenticated users with workflow creation or modification permissions to allocate uninitialized memory buffers through the JavaScript Task Runner. These buffers may contain residual data from the same Node.js process including secrets, tokens, and data from prior requests, leading to sensitive information exposure. This vulnerability requires CVE-2026-27496 has a CVSS 4.0 score of 7.1 with high confidentiality impact and affects npm package installations of n8n.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the eyecix JobSearch WordPress plugin through version 3.2.0, allowing attackers to inject malicious scripts into web pages viewed by users. The vulnerability affects all installations of the JobSearch plugin up to and including version 3.2.0, enabling attackers to steal session cookies, perform unauthorized actions on behalf of users, or redirect users to malicious sites. No active exploitation in the wild has been publicly confirmed, though the vulnerability is documented in Patchstack's vulnerability database.
A metadata validation vulnerability in the Linux kernel's Squashfs filesystem implementation allows out-of-bounds memory access when processing corrupted or malicious filesystem images. Specifically, a negative metadata block offset derived from a corrupted index lookup table is passed to squashfs_copy_data without bounds checking, causing a general protection fault. Any Linux system mounting an untrusted Squashfs image is affected, potentially enabling denial of service or information disclosure attacks, though no active exploitation in the wild is currently documented.
A descriptor validation bypass in the Linux kernel's ALSA USB audio subsystem allows malicious USB devices to provide truncated UAC3 (USB Audio Class 3) header descriptors that escape validation checks, potentially causing out-of-bounds memory reads. The vulnerability stems from an incorrect protocol version constant (UAC_VERSION_2 instead of UAC_VERSION_3) in the validator table, causing validation logic to never execute for actual UAC3 devices. Affected are all Linux kernel versions containing the vulnerable code path; while CVSS and EPSS scores are not provided, this is a local privilege escalation / denial of service vector requiring physical USB device access or local code execution capability to exploit.
An out-of-bounds (OOB) memory access vulnerability exists in the Linux kernel's mt76 WiFi driver, specifically in the mt76_connac2_mac_write_txwi_80211() function which fails to validate frame length before accessing management frame fields. This affects all Linux kernel versions containing the vulnerable mt76 driver code and could allow an attacker to read sensitive kernel memory or trigger a denial of service through a specially crafted WiFi management frame. The vulnerability has been patched across multiple stable kernel branches with fixes available since the issue was identified.
Apple's iOS, iPadOS, macOS, tvOS, and watchOS contain a use-after-free vulnerability that could allow a local attacker to corrupt kernel memory or cause unexpected system crashes. An installed application can trigger this memory corruption flaw through user interaction, potentially leading to denial of service or unauthorized kernel-level modifications. No patch is currently available for this vulnerability (CVSS 7.1).
An out-of-bounds (OOB) memory access vulnerability exists in the Linux kernel's MediaTek MT7925 WiFi driver in the mt7925_mac_write_txwi_80211() function, which fails to validate frame length before accessing management frame fields. This vulnerability affects systems running Linux kernel versions with the vulnerable MT7925 driver code and could allow an attacker with local access or the ability to craft malicious wireless frames to read or write out-of-bounds memory, potentially leading to information disclosure or denial of service. While no CVSS score, EPSS data, or active exploitation reports are currently documented, the vulnerability has been patched across multiple stable Linux kernel branches as indicated by four distinct commit references.
A buffer over-read vulnerability exists in the Linux kernel's CXL mailbox command handler where the cxl_payload_from_user_allowed() function casts and dereferences user-supplied payload data without first validating its size. An unprivileged local attacker can send a raw mailbox command with an undersized payload (e.g., 1 byte instead of the expected 16 bytes for CXL_MBOX_OP_CLEAR_LOG) to trigger a kernel memory read past the allocated buffer, causing a KASAN splat and potential denial of service. While not yet listed in the KEV catalog or with public EPSS/CVSS scoring, patch commits are available in the Linux stable kernel repositories, indicating the vulnerability has been resolved upstream.
An out-of-bounds (OOB) memory access vulnerability exists in the Linux kernel's MediaTek MT7996 WiFi driver (mt76) within the mt7996_mac_write_txwi_80211() function. The vulnerability occurs when the function accesses management frame fields without first validating the frame length, potentially allowing information disclosure or denial of service on systems using affected MT7996 hardware. Multiple stable kernel patches are available across several kernel versions, indicating the issue has been actively remediated in the upstream Linux project.
WP Configurator Pro contains a missing authorization vulnerability (CWE-862) that allows attackers to bypass access controls and exploit incorrectly configured security levels within the plugin. All versions of WP Configurator Pro through version 3.7.9 are affected. An attacker can gain unauthorized access to sensitive configuration functions and data by circumventing the broken access control mechanisms, potentially compromising WordPress site integrity and confidentiality.
The Grid WordPress plugin versions prior to 2.8.0 contain a missing authorization vulnerability (CWE-862) that allows attackers to exploit incorrectly configured access control security levels. This broken access control flaw enables unauthorized users to bypass authentication mechanisms and access functionality or data they should not have permission to reach. While no CVSS score or EPSS data is currently available, the vulnerability has been documented by Patchstack and assigned ENISA EUVD ID EUVD-2026-15563, indicating active tracking by vulnerability databases.
Out-of-bounds memory access in the Linux kernel's accel/rocket DRM driver allows local authenticated users to trigger denial of service and potential information disclosure during probe failure paths. The flaw stems from improper error unwinding in rocket_probe() when rocket_core_init() fails (notably on EPROBE_DEFER), leaving stale counter state that subsequent code dereferences out of bounds. No public exploit identified at time of analysis, and EPSS scores exploitation likelihood at 0.02% (4th percentile), consistent with a hardware-driver-specific issue requiring local access.
Improper bounds checking in Apple macOS (Sequoia 15.7.4 and earlier, Sonoma 14.8.4 and earlier, Tahoe 26.3 and earlier) permits a local attacker to write out-of-bounds memory through a malicious application, potentially allowing modification of protected filesystem areas. The vulnerability requires user interaction to execute the malicious app and affects the file system's integrity rather than confidentiality. No patch is currently available for this out-of-bounds write condition.
IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 store user credentials and other sensitive information in plain text, allowing local users to read this data. This is a high-severity information disclosure vulnerability with a CVSS score of 7.1, primarily due to the potential for complete confidentiality breach across security boundaries. A patch is available from IBM, and there is no evidence of active exploitation or public proof-of-concept at this time.
This vulnerability is a race condition in the Linux kernel's BPF devmap subsystem that occurs on PREEMPT_RT kernels, where per-CPU bulk queue structures can be accessed concurrently by multiple preemptible tasks on the same CPU. An attacker or unprivileged local process can trigger use-after-free, double-free, or memory corruption conditions by crafting specific XDP (eXpress Data Path) redirect operations that cause concurrent access to shared queue structures, potentially leading to kernel crashes, information disclosure, or privilege escalation. The vulnerability affects all Linux kernel versions with the vulnerable devmap code path and has been patched upstream, though CVSS and EPSS scores are not yet assigned and no public exploit or KEV status is currently documented.
Nanoleaf Lines firmware versions prior to 12.3.6 lack authentication controls on firmware file upload endpoints, allowing remote unauthenticated attackers to upload arbitrary files to the device. This vulnerability enables denial-of-service attacks through storage resource exhaustion and potential firmware tampering without requiring valid credentials or user interaction. The vulnerability has a CVSS score of 6.5 (Medium) with network-based attack vector and low complexity, and is tagged with denial-of-service impact indicators in CISA reporting.
CVE-2026-32326 is a security vulnerability (CVSS 6.9). Remediation should follow standard vulnerability management procedures.
YML for Yandex Market versions prior to 5.3.0 contain a path traversal vulnerability that allows high-privileged attackers to access files outside restricted directories without user interaction. This vulnerability could enable unauthorized disclosure of sensitive information across the system. Currently, no patch is available and exploitation appears unlikely in the wild.
A remote code execution vulnerability in add-ons (CVSS 6.8). Remediation should follow standard vulnerability management procedures.
A path handling vulnerability in iOS and iPadOS allows users with physical access to an iOS device to bypass Activation Lock through improved validation gaps in path handling logic. This authentication bypass affects iOS versions prior to 18.7.7 and 26.2, as well as corresponding iPadOS releases. While no CVSS score or EPSS data is publicly available, the physical access requirement and authentication bypass nature indicate a meaningful risk to device security and stolen device protection.
Path traversal in NYSL Spam Protect for Contact Form 7 up to version 1.2.9 enables authenticated attackers with high privileges to access files outside intended directories. The vulnerability requires administrator-level access and does not allow code execution or service disruption, but could expose sensitive configuration files or other restricted data. No patch is currently available.
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 contain a vulnerability in security settings administration that could allow authenticated attackers with high privileges to bypass expected security controls and gain unauthorized access to sensitive information. The vulnerability affects a critical administrative interface and, while it requires local access and high privileges to exploit, could enable lateral privilege escalation or information disclosure within enterprise environments. No evidence of active exploitation or public proof-of-concept has been reported, but a vendor patch is available.
Saloon versions prior to v4 contain a Server-Side Request Forgery (SSRF) vulnerability in the resolveEndpoint method that allows attackers to redirect authenticated requests to arbitrary hosts. When user-controlled input is passed as an endpoint parameter containing an absolute URL (e.g., https://attacker.example.com), Saloon ignores the connector's base URL and sends the request directly to the attacker-controlled destination, potentially leaking authentication headers, cookies, and tokens. This vulnerability affects the Saloon PHP HTTP client library (composer package saloonphp/saloon) and requires immediate upgrade to v4 or later to remediate.
A SSRF vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.