Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
9.0 HIGH
CVE-2026-13580 — Edimax EW-7478APC POST Request formQoS buffer overflow

A security vulnerability has been detected in Edimax EW-7478APC 1.04. This affects the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argu…

ew-7478apc | Remote | Memory Corruption
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
6.5 MEDIUM
CVE-2026-13437 — Devolutions PowerShell Universal: Information Disclosure in AI Agent Job API

Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, poten…

powershell_universal powershell_universal | Remote | Information Disclosure
Jun 29, 2026 Jul 02, 2026
Jun 29, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-57341 — WordPress Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin <= 2.9.0 - I…

Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions.

Remote | Authorization
Jun 29, 2026 Jul 01, 2026
Jun 29, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-57340 — WordPress Japanized For WooCommerce plugin <= 2.9.12 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions.

japanized_for_woocommerce | Remote | Authorization
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
6.6 MEDIUM
CVE-2026-57339 — WordPress Business Directory plugin <= 6.4.23 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions.

Remote | Authorization
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
7.1 HIGH
CVE-2026-57338 — WordPress ARForms plugin <= 7.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions.

arforms | Remote | Cross-Site Scripting
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
7.1 HIGH
CVE-2026-57337 — WordPress Landing Page Builder plugin <= 1.5.3.5 - Cross Site Scripting (XSS) vulnerabili…

Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions.

landing_page_builder | Remote | Cross-Site Scripting
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
7.1 HIGH
CVE-2026-57336 — WordPress Jobify theme <= 4.3.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions.

jobify | Remote | Cross-Site Scripting
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
6.5 MEDIUM
CVE-2026-57335 — WordPress Ads by WPQuads plugin <= 3.0.3 - Broken Access Control vulnerability

Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions.

ads | Remote | Authorization
Jun 29, 2026 Jul 01, 2026
Jun 29, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-57334 — WordPress WP User Frontend plugin <= 4.3.7 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions.

wp_user_frontend | Remote | Authentication
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
7.1 HIGH
CVE-2026-57333 — WordPress Link Whisper Free plugin <= 0.9.4 - Reflected Cross Site Scripting (XSS) vulner…

Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions.

Remote | Cross-Site Scripting
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
7.1 HIGH
CVE-2026-57332 — WordPress Wallet System for WooCommerce plugin <= 2.7.6 - Broken Access Control vulnerabi…

Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions.

wallet_system_for_woocommerce | Remote | Authorization
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
9.9 CRITICAL
CVE-2026-57331 — WordPress Paid Videochat Turnkey Site plugin <= 7.4.8 - Arbitrary File Deletion vulnerabi…

Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions.

Remote | Path Traversal
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
6.5 MEDIUM
CVE-2026-57330 — WordPress MasterStudy LMS plugin <= 3.7.27 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions.

masterstudy_lms | Remote | Cross-Site Scripting
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
6.5 MEDIUM
CVE-2026-57329 — WordPress WooCommerce Designer Pro plugin <= 1.9.34 - Cross Site Scripting (XSS) vulnerab…

Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions.

Remote | Cross-Site Scripting
Jun 29, 2026 Jul 01, 2026
Jun 29, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-57328 — WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.

Remote | Cross-Site Scripting
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
6.3 MEDIUM
CVE-2026-57327 — WordPress MainWP plugin <= 6.1.1 - Broken Access Control vulnerability

Subscriber Broken Access Control in MainWP <= 6.1.1 versions.

mainwp | Remote | Authorization
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
6.5 MEDIUM
CVE-2026-57326 — WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.

Remote | Cross-Site Scripting
Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
7.1 HIGH
CVE-2026-57320 — WordPress BEAR plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions.

Jun 29, 2026 Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
10.0 CRITICAL
CVE-2026-56290 — Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension…

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.

page_builder_ck | Remote | Authentication
Jun 29, 2026 Jul 02, 2026
Jun 29, 2026
Jul 02, 2026
Showing 20 of 7896 Results