|
4371
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery …
|
CWE-79
Cross-site Scripting
|
CVE-2026-32526
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4372
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-insightly allows Exploiting Incorrectly Configured Access Control …
|
CWE-862
Missing Authorization
|
CVE-2026-32527
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4373
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en CRM Perks WP Insightly para Contact Form 7, WPForms, Elementor, Formidable y Ninja Forms cf7-insightly permite la explotación de niveles de seguridad de con…
|
CWE-862
Missing Authorization
|
CVE-2026-32527
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4374
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in don-themes Riode riode allows Reflected XSS.This issue affects Riode: from n/a through < 1.6.29.
|
CWE-79
Cross-site Scripting
|
CVE-2026-32528
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4375
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización incorrecta de la entrada durante la generación de páginas web ('cross-site scripting') vulnerabilidad en don-themes Riode riode permite XSS reflejado. Este problema afecta a Riode: des…
|
CWE-79
Cross-site Scripting
|
CVE-2026-32528
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4376
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in don-themes Molla molla allows Reflected XSS.This issue affects Molla: from n/a through < 1.5.19.
|
CWE-79
Cross-site Scripting
|
CVE-2026-32529
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4377
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización incorrecta de la entrada durante la generación de páginas web ('cross-site scripting') vulnerabilidad en don-themes Molla molla permite XSS Reflejado. Este problema afecta a Molla: des…
|
CWE-79
Cross-site Scripting
|
CVE-2026-32529
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4378
|
8.8 |
HIGH
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through <= 1.1.18.
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-32530
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4379
|
8.8 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de Asignación Incorrecta de Privilegios en WPFunnels Creator LMS creatorlms permite la escalada de privilegios. Este problema afecta a Creator LMS: desde n/a hasta <= 1.1.18.
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-32530
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4380
|
8.1 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kunco kunco allows PHP Local File Inclusion.This issue affects Kunco: f…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-32531
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
