Recent
Published 2026-05-13 by jpcert
Hitachi Vantara Pentaho Data Integration & Analytics - Dependency on Vulnerable Third-Party Component
Published 2026-05-13 by HITVAN
Improper Authorization in Gerrit allowing Code Review Bypass via "Submitted Together"
Published 2026-05-13 by Google
Tutor LMS <= 3.9.9 - Insecure Direct Object Reference to Authenticated (Instructor+) Arbitrary Post Deletion via 'course' GET Parameter
Published 2026-05-13 by Wordfence
ilGhera Support System for WooCommerce <= 1.3.0 - Missing Authorization to Unauthenticated Sensitive Information Exposure
Published 2026-05-13 by Wordfence
JoomSport <= 5.7.7 - Unauthenticated SQL Injection via 'sortf' Parameter
Published 2026-05-13 by Wordfence
Published 2026-05-13 by jpcert
Published 2026-05-13 by SamsungMobile
Published 2026-05-13 by SamsungMobile
Published 2026-05-13 by SamsungMobile
Published 2026-05-13 by SamsungMobile
Published 2026-05-13 by SamsungMobile
Published 2026-05-13 by SamsungMobile
Published 2026-05-13 by SamsungMobile
Published 2026-05-13 by SamsungMobile
Broadstreet <= 1.53.1 - Authenticated (Admin+) Stored Cross-Site Scripting
Published 2026-05-13 by Wordfence
Blog2Social: Social Media Auto Post & Scheduler <= 8.9.0 - Missing Authorization to Authenticated (Subscriber+) Delete Arbitrary B2S Post Records via 'postId' Parameter
Published 2026-05-13 by Wordfence
Fluent Forms <= 6.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'permission_message' Shortcode Attribute
Published 2026-05-13 by Wordfence
Broadstreet <= 1.53.1 - Authenticated (Subscriber+) Information Disclosure
Published 2026-05-13 by Wordfence
Cost of Goods: Product Cost & Profit Calculator for WooCommerce <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published 2026-05-13 by Wordfence
Load more ↓