Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions.
Unauthenticated Other Vulnerability Type in Contest Gallery <= 28.1.7 versions.
Unauthenticated Broken Access Control in Classified Listing <= 5.3.8 versions.
Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP <= 4.6.19 versions.
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <
CVE-2026-54806
CRITICAL CVSS 9.8
Find Similar
Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions.
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the add_single_eventon and add_eventon shortcodes due to insufficient rest
Unauthenticated Broken Authentication in SMS Alert Order Notifications <= 3.9.3 versions.
Unauthenticated Broken Authentication in CloudSecure WP Security <= 1.4.7 versions.
Page 1+ Next →