|
1851
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Stored XSS.
This issue affects Team Showcase: from n/a through …
|
CWE-79
Cross-site Scripting
|
CVE-2025-62745
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1852
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Patterns in the cloud Autoship Cloud for WooCommerce Subscription Products allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue …
|
CWE-862
Missing Authorization
|
CVE-2026-24527
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1853
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in Convers Lab WPSubscription allows Cross Site Request Forgery.
This issue affects WPSubscription: from n/a through 1.9.1.
|
CWE-352
Origin Validation Error
|
CVE-2026-24554
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1854
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in WPPOOL FlexTable allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects FlexTable: from n/a through 3.24.0.
|
CWE-862
Missing Authorization
|
CVE-2026-24582
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1855
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Themeansar Newses allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Newses: from n/a through 2.0.0.77.
|
CWE-862
Missing Authorization
|
CVE-2026-24586
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1856
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Auto Affiliate Links: from n/a …
|
CWE-862
Missing Authorization
|
CVE-2026-24592
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1857
|
4.9 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects B2BKing: from n/a before 5.2.10.
|
CWE-862
Missing Authorization
|
CVE-2026-27346
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1858
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects WP Search Analytics: from n/a befor…
|
CWE-862
Missing Authorization
|
CVE-2026-27357
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1859
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects RSVP and Event Management: from …
|
CWE-862
Missing Authorization
|
CVE-2026-27398
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1860
|
7.2 |
HIGH
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection.
This issue affects Broadcast Live Video: from n/a before 7.1.3.
|
CWE-94
Code Injection
|
CVE-2026-24937
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
