Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
530
VMScore
CVE-2025-26948
Missing Authorization vulnerability in NotFound Pie Register Premium. This issue affects Pie Register Premium: from n/a up to and including 3.8.3.2.
Notfound Pie Register Premium
750
VMScore
CVE-2025-26949
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Team Section Block allows Stored XSS. This issue affects Team Section Block: from n/a up to and including 1.0.9.
Bplugins Team Section Block
750
VMScore
CVE-2025-26952
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Business Card Block allows Stored XSS. This issue affects Business Card Block: from n/a up to and including 1.0.5.
Bplugins Business Card Block
850
VMScore
CVE-2025-26957
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Deetronix Affiliate Coupons allows PHP Local File Inclusion. This issue affects Affiliate Coupons: from n/a up to and including 1.7.3.
Deetronix Affiliate Coupons
750
VMScore
CVE-2025-26960
Missing Authorization vulnerability in enituretechnology Small Package Quotes – Unishippers Edition allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Small Package Quotes – Unishippers Edition: from n/a up to and including 2.4...
Enituretechnology Small Package Quotes – Unishippers Edition
750
VMScore
CVE-2025-26962
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Easy Contact Form Lite allows Stored XSS. This issue affects Easy Contact Form Lite : from n/a up to and including 1.1.25.
Ghozylab Easy Contact Form Lite
640
VMScore
CVE-2025-26963
Cross-Site Request Forgery (CSRF) vulnerability in flowdee ClickWhale allows Cross Site Request Forgery. This issue affects ClickWhale: from n/a up to and including 2.4.3.
Flowdee Clickwhale
850
VMScore
CVE-2025-26964
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themewinter Eventin allows PHP Local File Inclusion. This issue affects Eventin: from n/a up to and including 4.0.20.
630
VMScore
CVE-2025-26965
Authorization Bypass Through User-Controlled Key vulnerability in ameliabooking Amelia allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Amelia: from n/a up to and including 1.2.16.
1000
VMScore
CVE-2025-26966
Authentication Bypass Using an Alternate Path or Channel vulnerability in Aldo Latino PrivateContent. This issue affects PrivateContent: from n/a up to and including 8.11.5.
Preferred Score:
VMScore
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
local file inclusion
dcmtk
CVE-2025-24813
CVE-2023-52315
directory listings wordpress plugin – ulisting
CVE-2025-2348
IDOR
CVE-2024-12336
vam
CVE-2025-24856
wireless
wordpress form builder plugin for contact forms, surveys and quizzes – tripetto
CVE-2024-55591
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »
Vulmon