|
2571
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in SePay team SePay Gateway allows Retrieve Embedded Sensitive Data.
This issue affects SePay Gateway: from n/a through 1.1.20.
|
CWE-862
Missing Authorization
|
CVE-2026-42763
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2572
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection.
This issue affects eMagicOne Store…
|
CWE-89
SQL Injection
|
CVE-2026-42773
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2573
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetEngine allows SQL Injection.
This issue affects JetEngine: from n/a through 3.8.8.…
|
CWE-89
SQL Injection
|
CVE-2026-42774
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2574
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Sunshine Photo Cart: from n/a throu…
|
CWE-862
Missing Authorization
|
CVE-2026-42776
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2575
|
7.5 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in edward_plainview MyCryptoCheckout allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects MyCryptoCheckout: from n/a throug…
|
CWE-862
Missing Authorization
|
CVE-2026-45209
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2576
|
8.8 |
HIGH
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in StoreApps Smart Manager allows Privilege Escalation.
This issue affects Smart Manager: from n/a through 8.85.0.
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-45216
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2577
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation.
This issue affects Stripe Payment Ga…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-45217
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2578
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log allows DOM-Based XSS.
This issue affects WP Activity Log: from n/a thr…
|
CWE-79
Cross-site Scripting
|
CVE-2026-45435
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2579
|
7.5 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in WebToffee Smart Coupons for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Smart Coupons for WooCommer…
|
CWE-862
Missing Authorization
|
CVE-2026-45438
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2580
|
8.5 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection.
This issue affects Unlimited Elemen…
|
CWE-89
SQL Injection
|
CVE-2026-48837
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
