CVE Schwachstellen

CVE-Datenbank angereichert mit CISA KEV und NVD Daten

Gesamt: 5,396 CVEs

CVE ID	CVSS	Schweregrad	KEV	Veroffentlicht
CVE-2026-27373 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Essekia Tablesome tablesome allows Blind SQL Injection.This issue affects Tablesome: from n/a thro...	8.5	HIGH	—	3/5/2026
CVE-2026-27370 Insertion of Sensitive Information Into Sent Data vulnerability in Premio Chaty chaty allows Retrieve Embedded Sensitive Data.This issue affects Chaty: from n/a through <= 3.5.1.	7.5	HIGH	—	3/5/2026
CVE-2026-27369 Deserialization of Untrusted Data vulnerability in BoldThemes Celeste celeste allows Object Injection.This issue affects Celeste: from n/a through <= 1.3.6.	8.1	HIGH	—	3/5/2026
CVE-2026-27367 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Musico musico allows Reflected XSS.This issue affects Musico: from n/a through <= 3.2.4...	7.1	HIGH	—	3/5/2026
CVE-2026-27363 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kamleshyadav WP Bakery Autoresponder Addon vc-autoresponder-addon allows Stored XSS.This issue aff...	7.1	HIGH	—	3/5/2026
CVE-2026-27362 Missing Authorization vulnerability in kamleshyadav WP Bakery Autoresponder Addon vc-autoresponder-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP B...	6.5	MEDIUM	—	3/5/2026
CVE-2026-27361 Missing Authorization vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff...	7.5	HIGH	—	3/5/2026
CVE-2026-27359 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Awa Plugins awa-plugins allows Reflected XSS.This issue affects Awa Plugins: from n/a t...	7.1	HIGH	—	3/5/2026
CVE-2026-27358 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Architecturer architecturer allows Reflected XSS.This issue affects Architecturer: from...	7.1	HIGH	—	3/5/2026
CVE-2026-27354 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace WooCommerce Coming Soon Product with Countdown woo-coming-soon-product allows Store...	6.5	MEDIUM	—	3/5/2026
CVE-2026-27353 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand News grandnews allows Reflected XSS.This issue affects Grand News: from n/a throu...	7.1	HIGH	—	3/5/2026
CVE-2026-27352 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Starto starto allows Reflected XSS.This issue affects Starto: from n/a through <= 2.1.9...	7.1	HIGH	—	3/5/2026
CVE-2026-27348 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Photography photography allows DOM-Based XSS.This issue affects Photography: from n/a t...	7.1	HIGH	—	3/5/2026
CVE-2026-27344 Missing Authorization vulnerability in inseriswiss inseri core inseri-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects inseri core: from n/a through <= 1...	5.3	MEDIUM	—	3/5/2026
CVE-2026-27342 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes TopFit - Fitness and Gym WordPress Theme topfit allows PHP Local ...	8.1	HIGH	—	3/5/2026
CVE-2026-27341 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes TopScorer - Sports WordPress Theme topscorer allows PHP Local Fil...	8.1	HIGH	—	3/5/2026
CVE-2026-27340 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Apollo \| Night Club, DJ Event WordPress Theme apollo allows PHP Lo...	8.1	HIGH	—	3/5/2026
CVE-2026-27339 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Buzz Stone \| Magazine & Viral Blog WordPress Theme buzzstone allow...	8.1	HIGH	—	3/5/2026
CVE-2026-27338 Deserialization of Untrusted Data vulnerability in AivahThemes Car Zone carzone allows Object Injection.This issue affects Car Zone: from n/a through <= 3.7.	8.8	HIGH	—	3/5/2026
CVE-2026-27337 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle al...	8.1	HIGH	—	3/5/2026
CVE-2026-27336 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Consultor \| Consulting, Accounting & Legal Counsel WordPress Theme...	8.1	HIGH	—	3/5/2026
CVE-2026-27335 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Ekoterra - NonProfit, Green Energy & Ecology Theme ekoterra allows...	8.1	HIGH	—	3/5/2026
CVE-2026-27334 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dan_fisher Alchemists alchemists allows PHP Local File Inclusion.This issue aff...	8.1	HIGH	—	3/5/2026
CVE-2026-27332 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Skygroup Agrofood allows Reflected XSS.This issue affects Agrofood: from n/a before 1.4.0.	7.1	HIGH	—	3/5/2026
CVE-2026-27326 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes AC Services \| HVAC, Air Conditioning & Heating Company WordPress Th...	8.1	HIGH	—	3/5/2026
CVE-2026-27098 Deserialization of Untrusted Data vulnerability in axiomthemes Au Pair Agency - Babysitting & Nanny Theme au-pair-agency allows Object Injection.This issue affects Au Pair Agency - Babysitting & Nanny...	8.1	HIGH	—	3/5/2026
CVE-2026-27097 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes CasaMia \| Property Rental Real Estate WordPress Theme casamia allo...	8.1	HIGH	—	3/5/2026
CVE-2026-24963 Incorrect Privilege Assignment vulnerability in ameliabooking Amelia ameliabooking allows Privilege Escalation.This issue affects Amelia: from n/a through <= 1.2.38.	7.2	HIGH	—	3/5/2026
CVE-2026-24960 Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Charety charety allows Using Malicious Files.This issue affects Charety: from n/a through < 2.0.2.	9.9	CRITICAL	—	3/5/2026
CVE-2026-24385 Deserialization of Untrusted Data vulnerability in gerritvanaaken Podlove Web Player podlove-web-player allows Object Injection.This issue affects Podlove Web Player: from n/a through <= 5.9.1.	7.5	HIGH	—	3/5/2026
CVE-2026-23802 Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files.This issue affects AI Engine: from n/a through <= 3.3.2.	9.1	CRITICAL	—	3/5/2026
CVE-2026-23801 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes The Issue theissue allows PHP Local File Inclusion.This issue affect...	8.1	HIGH	—	3/5/2026
CVE-2026-23799 Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through <= 3.9.5.	6.5	MEDIUM	—	3/5/2026
CVE-2026-23798 Deserialization of Untrusted Data vulnerability in blubrry PowerPress Podcasting powerpress allows Object Injection.This issue affects PowerPress Podcasting: from n/a through <= 11.15.10.	8.8	HIGH	—	3/5/2026
CVE-2026-23767 ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinatio...	9.8	CRITICAL	—	3/5/2026
CVE-2026-23546 Insertion of Sensitive Information Into Sent Data vulnerability in RadiusTheme Classified Listing classified-listing allows Retrieve Embedded Sensitive Data.This issue affects Classified Listing: from...	6.5	MEDIUM	—	3/5/2026
CVE-2026-22501 Deserialization of Untrusted Data vulnerability in axiomthemes Mounthood mounthood allows Object Injection.This issue affects Mounthood: from n/a through <= 1.3.2.	9.8	CRITICAL	—	3/5/2026
CVE-2026-22497 Deserialization of Untrusted Data vulnerability in AncoraThemes Jardi jardi allows Object Injection.This issue affects Jardi: from n/a through <= 1.7.2.	9.8	CRITICAL	—	3/5/2026
CVE-2026-22479 Missing Authorization vulnerability in ThemeRuby Easy Post Submission easy-post-submission allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Post Submissi...	7.5	HIGH	—	3/5/2026
CVE-2026-22478 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes FindAll findall allows PHP Local File Inclusion.This issue affect...	8.1	HIGH	—	3/5/2026
CVE-2026-22477 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Felizia felizia allows PHP Local File Inclusion.This issue affects...	8.1	HIGH	—	3/5/2026
CVE-2026-22476 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Etchy etchy allows PHP Local File Inclusion.This issue affects Et...	8.1	HIGH	—	3/5/2026
CVE-2026-22475 Deserialization of Untrusted Data vulnerability in axiomthemes Estate estate allows Object Injection.This issue affects Estate: from n/a through <= 1.3.4.	9.8	CRITICAL	—	3/5/2026
CVE-2026-22474 Deserialization of Untrusted Data vulnerability in ThemeREX Equestrian Centre equestrian-centre allows Object Injection.This issue affects Equestrian Centre: from n/a through <= 1.5.	9.8	CRITICAL	—	3/5/2026
CVE-2026-22473 Deserialization of Untrusted Data vulnerability in designthemes Dental Clinic dental allows Object Injection.This issue affects Dental Clinic: from n/a through <= 3.7.	8.8	HIGH	—	3/5/2026
CVE-2026-22471 Deserialization of Untrusted Data vulnerability in maximsecudeal Secudeal Payments for Ecommerce secudeal-payments-for-ecommerce allows Object Injection.This issue affects Secudeal Payments for Ecomme...	8.6	HIGH	—	3/5/2026
CVE-2026-22467 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mwtemplates DeepDigital deepdigital allows Reflected XSS.This issue affects DeepDigital: from n/a ...	7.1	HIGH	—	3/5/2026
CVE-2026-22465 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SeventhQueen BuddyApp buddyapp allows Reflected XSS.This issue affects BuddyApp: from n/a through ...	7.1	HIGH	—	3/5/2026
CVE-2026-22460 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpWax FormGent formgent allows Path Traversal.This issue affects FormGent: from n/a through <= 1.4.2.	8.6	HIGH	—	3/5/2026
CVE-2026-22459 Missing Authorization vulnerability in Blend Media WordPress CTA easy-sticky-sidebar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress CTA: from n/a ...	6.5	MEDIUM	—	3/5/2026

Seite 75 von 108

Zuruck Weiter

This product uses data from the NVD API but is not endorsed or certified by the NVD.