🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-1647 | متوسط | 6.1 |
The Comment Genius plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` p…
|
— | مارس 21, 2026 |
| CVE-2026-2723 | متوسط | 6.1 |
The Post Snippits plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
|
— | مارس 21, 2026 |
| CVE-2025-13910 | متوسط | 6.1 |
The WP-WebAuthn plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the `wwa_auth` AJA…
|
— | مارس 21, 2026 |
| CVE-2026-32045 | متوسط | 5.9 |
OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway routes,…
|
— | مارس 21, 2026 |
| CVE-2026-32057 | متوسط | 5.9 |
OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pair…
|
— | مارس 21, 2026 |
| CVE-2024-13785 | متوسط | 5.6 |
The The Contact Form, Survey, Quiz & Popup Form Builder – ARForms plugin for WordPress is vulnerable to arbitrary shortc…
|
— | مارس 21, 2026 |
| CVE-2019-25554 | متوسط | 5.5 |
Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the applica…
|
— | مارس 21, 2026 |
| CVE-2019-25559 | متوسط | 5.5 |
SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local atta…
|
— | مارس 21, 2026 |
| CVE-2019-25562 | متوسط | 5.5 |
jetAudio 8.1.7 contains a buffer overflow vulnerability in the video converter component that allows local attackers to …
|
— | مارس 21, 2026 |
| CVE-2019-25564 | متوسط | 5.5 |
PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by …
|
— | مارس 21, 2026 |
| CVE-2019-25570 | متوسط | 5.5 |
RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the ap…
|
— | مارس 21, 2026 |
| CVE-2019-25577 | متوسط | 5.5 |
SeoToaster Ecommerce 3.0.0 contains a local file inclusion vulnerability that allows authenticated attackers to read arb…
|
— | مارس 21, 2026 |
| CVE-2026-3347 | متوسط | 5.5 |
The Multi Functional Flexi Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `arv_lb[me…
|
— | مارس 21, 2026 |
| CVE-2026-32044 | متوسط | 5.5 |
OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypas…
|
— | مارس 21, 2026 |
| CVE-2026-32898 | متوسط | 5.4 |
OpenClaw versions prior to 2026.2.23 contain an authorization bypass vulnerability in the ACP client that auto-approves …
|
— | مارس 21, 2026 |
| CVE-2026-32895 | متوسط | 5.4 |
OpenClaw versions prior to 2026.2.26 fail to enforce sender authorization in member and message subtype system event han…
|
— | مارس 21, 2026 |
| CVE-2026-1253 | متوسط | 5.3 |
The Group Chat & Video Chat by AtomChat plugin for WordPress is vulnerable to unauthorized modification of data due to a…
|
— | مارس 21, 2026 |
| CVE-2026-3506 | متوسط | 5.3 |
The WP-Chatbot for Messenger plugin for WordPress is vulnerable to authorization bypass in all versions up to, and inclu…
|
— | مارس 21, 2026 |
| CVE-2026-3546 | متوسط | 5.3 |
The e-shot form builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and …
|
— | مارس 21, 2026 |
| CVE-2026-3460 | متوسط | 5.3 |
The REST API TO MiniProgram plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to…
|
— | مارس 21, 2026 |