Vulnerabilities in Unknown
4,252 resultsCVE-2026-1128MEDIUMWP eCommerce <= 3.15.1 - Coupon Deletion via CSRFEPSS 0.1%CVE-2026-12397—WP Job Portal < 2.5.5 - Subscriber+ Employer Email Disclosure via IDOREPSS —CVE-2026-11963—User Registration & Membership < 5.2.2 - Subscriber+ Cross-User Role and Membership Tier Modification via IDOREPSS —CVE-2026-11964—User Registration & Membership < 5.2.2 - Unauthenticated PayPal Webhook Signature Verification Bypass Leading to Membership ActivationEPSS —CVE-2026-12275—Tutor LMS < 3.9.13 - Subscriber+ Unauthorized Course Enrollment and Private Course Content Disclosure via Droip/Kirki IntegrationEPSS —CVE-2026-12271—Tutor LMS < 3.9.13 - Subscriber+ Arbitrary Quiz Attempt Modification via IDOREPSS —CVE-2026-12081—Database for Contact Form 7, WPforms, Elementor forms < 1.5.2 - Unauthenticated PHP Object Injection via Entry File FieldEPSS —CVE-2026-12582—Library Management System < 3.5.8 - Unauthenticated SQL Injection via book_idEPSS —CVE-2026-12274—Tutor LMS < 3.9.13 - Instructor+ Arbitrary Post Overwrite via IDOREPSS —CVE-2026-10551—Breeze Cache < 2.5.6 - Unauthenticated Stored XSS via Minify LibraryEPSS —CVE-2026-12396—WP Job Portal < 2.5.5 - Subscriber+ Arbitrary Job Approval, Featuring and RejectionEPSS —CVE-2026-12273—Tutor LMS < 3.9.13 - Subscriber+ Arbitrary Auto-Approved Comment CreationEPSS —