Vulnerabilities database (CVE, CAPEC, CWE, Exploit-db)

8.8 CVE-2026-2001
The WowRevenue plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing...

2026-02-16T20:19:36.190

7.5 CVE-2026-2474
Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the...

2026-02-17T15:16:23.760

9.8 CVE-2025-15578
Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely. The session id is...

2026-02-17T15:16:06.270

9.8 CVE-2026-2439
Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids. The generate_session_id...

2026-02-17T15:16:23.420

8.8 CVE-2025-12062
The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin...

2026-02-17T00:16:17.080

CVE-2026-26220
LightLLM version 1.1.0 and prior contain an unauthenticated remote code execution vulnerability in PD...

2026-02-17T03:16:01.893

4.4 CVE-2026-2002
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress...

2026-02-17T05:16:17.080

7.7 CVE-2026-2592
The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to...

2026-02-17T05:16:17.430

5.3 CVE-2026-1657
The EventPrime plugin for WordPress is vulnerable to unauthorized image file upload in all versions...

2026-02-17T06:16:18.173

5.8 CVE-2026-0829
The Frontend File Manager Plugin WordPress plugin through 23.5 allows unauthenticated users to send...

2026-02-17T15:16:19.980

7.2 CVE-2026-1216
The RSS Aggregator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'template'...

2026-02-17T10:15:57.757

CVE-2026-25903
Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on...

2026-02-17T11:16:05.500

8.6 CVE-2025-7631
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in...

2026-02-17T12:16:15.090

6.5 CVE-2025-8303
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability...

2026-02-17T12:16:15.280

CVE-2026-2247
SQL injection vulnerability (SQLi) in Clicldeu SaaS, specifically in the generation of reports, which...

2026-02-17T12:16:15.443

4.3 CVE-2026-2608
The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable...

2026-02-17T12:16:15.600

7.2 CVE-2026-2615
A flaw has been found in Wavlink WL-NU516U1 up to 20251208. The affected element is the function singlePortForwardDelete...

2026-02-17T13:16:17.113

6.1 CVE-2025-7706
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research...

2026-02-17T14:16:00.483

5.4 CVE-2026-23861
Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Input...

2026-02-17T14:16:01.773

7 CVE-2026-25087
Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through...

2026-02-17T15:16:22.610

6.5 CVE-2022-41650
Missing Authorization vulnerability in Paul Custom Content by Country (by Shield Security) custom-content-by-country.This...

2026-02-17T15:16:04.573